HIGH✓ PATCH🇬🇧 English

CVE-2024-37275

CVSS 7.1v3.1pub. 2024-07-22upd. 2026-04-23

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScripts NextScripts social-networks-auto-poster-facebook-twitter-g allows DOM-Based XSS.This issue affects NextScripts: from n/a through <= 4.4.7.

oryginał EN
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
  • Nextscripts Social Networks Auto Poster

    APP
    Nextscripts
    ≤ 4.4.6
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
XSS
CWE
Referencje

Powiązane podatności

CVE-2024-2088HIGH8.5ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Expos...

CVE-2023-49183HIGH7.1ten sam produkt

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScri...

CVE-2020-36831MEDIUM5.0ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to...

CVE-2024-1446MEDIUM5.4ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery ...

CVE-2024-1762MEDIUM6.1ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting...