Easysocialfeed Easy_social_feed

10 CVEs affecting Easysocialfeed Easy_social_feed. Latest disclosed: 2024-12-09. Critical: 0, High: 0.

Top CVEs affecting Easysocialfeed Easy_social_feed
CVESeverityScorePublishedSummary
CVE-2024-30180Medium6.52024-03-27Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Social Feed allows Stored XSS.This issue affects Eas…
CVE-2024-1278Medium6.42024-03-21The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'efb_lik…
CVE-2021-25120Medium6.12022-04-18The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before outputting them back in…
CVE-2024-1213Medium5.42024-03-21The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and…
CVE-2022-4474Medium5.42023-01-23The Easy Social Feed WordPress plugin before 6.4.0 does not validate and escape some of its shortcode attributes before outputting them back in the page, which…
CVE-2024-1219Medium5.32024-04-17The Easy Social Feed WordPress plugin before 6.5.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, whic…
CVE-2023-48740Medium4.32024-12-09Missing Authorization vulnerability in Sajid Javed Easy Social Feed easy-facebook-likebox allows Exploiting Incorrectly Configured Access Control Security Leve…
CVE-2024-30526Medium4.32024-03-31Cross-Site Request Forgery (CSRF) vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6.
CVE-2024-1214Medium4.32024-03-21The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and…
CVE-2023-6883Medium4.32024-01-11The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple AJAX functions in al…