HIGH✓ PATCH🇵🇱 Wersja polska

CVE-2023-49183

CVSS 7.1v3.1pub. 2023-12-15upd. 2026-04-28

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScripts NextScripts: Social Networks Auto-Poster allows Reflected XSS.This issue affects NextScripts: Social Networks Auto-Poster: from n/a through 4.4.2.

CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
  • Nextscripts Social Networks Auto Poster

    APP
    Nextscripts
    ≤ 4.4.2
🟢
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
XSS
CWE
References

Related vulnerabilities

CVE-2024-37275HIGH7.1ten sam produkt

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in NextScri...

CVE-2024-2088HIGH8.5ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Sensitive Information Expos...

CVE-2020-36831MEDIUM5.0ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to authorization bypass due to...

CVE-2024-1446MEDIUM5.4ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Cross-Site Request Forgery ...

CVE-2024-1762MEDIUM6.1ten sam produkt

The NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to Stored Cross-Site Scripting...