10web 10web Social Post Feed — known CVE vulnerabilities
Every CVE whose affected-product data names 10web 10web Social Post Feed, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (2)
CVE-2023-2503 — CVSS 6.1 (medium): The 10Web Social Post Feed WordPress plugin before 1.2.9 does not sanitise and escape some parameter before outputting it back in a page…
CVE-2024-9607 — CVSS 6.1 (medium): The 10Web Social Post Feed plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without…