Recent Vulnerabilities Product List Research Posts Trends Blog About Contact

Published: 15/04/2025 Updated: 15/04/2025

Stored XSS Vulnerability in Widget for Social Page Feeds WordPress Plugin

The Widget for Social Page Feeds WordPress plugin before version 6.4.2 has a Cross Site Scripting (XSS) vulnerability. This security issue occurs because the plugin does not properly sanitize and escape certain settings. As a result, high-privilege users like administrators can potentially conduct Stored XSS attacks, even in scenarios where the unfiltered_html capability is restricted, such as in a multisite WordPress environment.

https://nvd.nist.gov https://www.first.org/epss https://wpscan.com/vulnerability/c3e27fa2-b6dd-48eb-83ec-99dc034eff38/

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2024-13207

Vulnerability Summary

References

Vulmon Search

About

Products

Connect