Wp Social Autoconnect Project CVEs and Security Vulnerabilities - OpenCVE

Filtered by vendor Wp Social Autoconnect Project Subscriptions

Search

Switch to Advanced Search (Beta)

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v3.1
CVE-2024-12279	2 Wordpress, Wp Social Autoconnect Project	2 Wordpress, Wp Social Autoconnect	2025-08-12	6.1 Medium
The WP Social AutoConnect plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.6.2. This is due to missing or incorrect nonce validation on a function. This makes it possible for unauthenticated attackers to inject malicious web scripts via a forged request granted they can trick a site administrator into performing an action such as clicking on a link.
CVE-2023-37974	1 Wp Social Autoconnect Project	1 Wp Social Autoconnect	2024-11-21	5.4 Medium
Cross-Site Request Forgery (CSRF) vulnerability in Justin Klein WP Social AutoConnect plugin <= 4.6.1 versions.

Page 1 of 1.