Security Advisory

CVE-2025-4133

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-05-22 06:00:08

Last updated 2025-05-22 13:24:12

Assigner WPScan

State PUBLISHED

Description

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them in a dashboard, which could allow users with the contributor role to perform Cross-Site Scripting attacks.

← Browse all CVEs View on cve.org ↗