Smashballoon Custom Twitter Feeds — known CVE vulnerabilities
Every CVE whose affected-product data names Smashballoon Custom Twitter Feeds, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2024-8983 — CVSS 4.8 (medium): Custom Twitter Feeds WordPress plugin before 2.2.3 does not sanitise and escape some of its settings, which could allow high privilege…
CVE-2023-52136 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue…
CVE-2024-0379 — CVSS 4.3 (medium): The Custom Twitter Feeds – A Tweets Widget or X Feed Widget plugin for WordPress is vulnerable to Cross-Site Request Forgery in all…