The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.3 via the 'nxs_getExpSettings' function. This makes it possible for authenticated attackers, with subscriber access and above, to extract sensitive data including social network API keys and secrets.
oryginał ENCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:NNextscripts Social Networks Auto Poster
APPNextscripts< 4.4.4
Powiązane podatności
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScri...
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScri...
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to...
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery ...
The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting...