in

Insufficient Privilege Validation in NextScripts: Social Networks Auto-Poster (blog.sucuri.net)

NextScripts: Social Networks Auto-Poster is a plugin that  automatically publishes posts from your blog to your Social Media accounts such as Facebook, Twitter, Google+, Blogger, Tumblr, Flickr, LinkedIn, Instagram, Telegram, YouTube, WordPress, etc.

During a routine research audit for our Sucuri Firewall, we discovered a post deletion, arbitrary posting in social networks, and arbitrary plugin settings update affecting over 100,000 users of the WordPress plugin.

Leave a Reply

Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites

Critical Vulnerability in File Manager Plugin Affecting 700k WordPress Websites (blog.sucuri.net)

High-Severity Vulnerability Patched in Advanced Access Manager

High-Severity Vulnerability Patched in Advanced Access Manager (www.wordfence.com)