Every CVE whose affected-product data names Adenion Blog2social, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (14)
CVE-2024-3549 — CVSS 9.9 (critical): The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to SQL Injection via the 'b2sSortPostType' parameter…
CVE-2022-3246 — CVSS 8.8 (high): The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not properly sanitise and escape a parameter before…
CVE-2021-24137 — CVSS 8.8 (high): Unvalidated input in the Blog2Social WordPress plugin, versions before 6.3.1, lead to SQL Injection in the Re-Share Posts feature, allowing…
CVE-2023-40554 — CVSS 7.1 (high): Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in Blog2Social, Adenion Blog2Social: Social Media Auto Post & Scheduler plugin…
CVE-2022-3247 — CVSS 6.5 (medium): The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not have authorisation in an AJAX action, and does…
CVE-2024-7302 — CVSS 6.4 (medium): The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 3gp2 file uploads…
CVE-2019-17550 — CVSS 6.1 (medium): The Blog2Social plugin before 5.9.0 for WordPress is affected by: Cross Site Scripting (XSS). The impact is: Allows an attacker to execute…
CVE-2019-9576 — CVSS 6.1 (medium): The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admin.php?page=blog2social-ship XSS.
CVE-2021-24956 — CVSS 6.1 (medium): The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.8.7 does not sanitise and escape the b2sShowByDate parameter…
CVE-2023-3936 — CVSS 6.1 (medium): The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a…
CVE-2025-4133 — CVSS 5.4 (medium): The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them…
CVE-2024-3678 — CVSS 5.3 (medium): The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up…
CVE-2022-3622 — CVSS 4.1 (medium): The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and…