Smub Smash Balloon Social Photo Feed – Easy Social Feeds Plugin
2 CVEs affecting Smub Smash Balloon Social Photo Feed – Easy Social Feeds Plugin. Latest disclosed: 2026-07-08. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2025-4583 | Medium | 5.4 | 2025-05-29 | The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the `data-plugin` attribut… |
CVE-2026-12002 | Medium | 4.7 | 2026-07-08 | The Smash Balloon Social Photo Feed – Easy Social Feeds Plugin plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and incl… |