Skip to main content

Custom Twitter Feeds

2 CVEs product

Monthly

CVE-2024-8983 MEDIUM POC This Month

Custom Twitter Feeds WordPress plugin before 2.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Command Injection Custom Twitter Feeds
NVD WPScan
CVSS 3.1
4.8
EPSS
0.4%
CVE-2024-0379 MEDIUM PATCH This Month

The Custom Twitter Feeds - A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.9%.

WordPress CSRF Custom Twitter Feeds
NVD VulDB
CVSS 3.1
4.3
EPSS
13.9%
EPSS 0% CVSS 4.8
MEDIUM POC This Month

Custom Twitter Feeds WordPress plugin before 2.2.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting. Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

WordPress XSS Command Injection +1
NVD WPScan
EPSS 14% CVSS 4.3
MEDIUM PATCH This Month

The Custom Twitter Feeds - A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2.1. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. Epss exploitation probability 13.9%.

WordPress CSRF Custom Twitter Feeds
NVD VulDB

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy