Easysocialfeed Easy Social Feed — known CVE vulnerabilities
Every CVE whose affected-product data names Easysocialfeed Easy Social Feed, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (10)
CVE-2024-30180 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Easy Social Feed allows Stored…
CVE-2024-1278 — CVSS 6.4 (medium): The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Stored Cross-Site Scripting…
CVE-2021-25120 — CVSS 6.1 (medium): The Easy Social Feed Free and Pro WordPress plugins before 6.2.7 do not sanitise some of their parameters used via AJAX actions before…
CVE-2024-1213 — CVSS 5.4 (medium): The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery…
CVE-2022-4474 — CVSS 5.4 (medium): The Easy Social Feed WordPress plugin before 6.4.0 does not validate and escape some of its shortcode attributes before outputting them…
CVE-2024-1219 — CVSS 5.3 (medium): The Easy Social Feed WordPress plugin before 6.5.6 does not validate and escape some of its shortcode attributes before outputting them…
CVE-2024-30526 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Easy Social Feed.This issue affects Easy Social Feed: from n/a through 6.5.6.
CVE-2023-48740 — CVSS 4.3 (medium): Missing Authorization vulnerability in Sajid Javed Easy Social Feed easy-facebook-likebox allows Exploiting Incorrectly Configured Access…
CVE-2023-6883 — CVSS 4.3 (medium): The Easy Social Feed plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on multiple…
CVE-2024-1214 — CVSS 4.3 (medium): The Easy Social Feed – Social Photos Gallery – Post Feed – Like Box plugin for WordPress is vulnerable to Cross-Site Request Forgery…