Medium

DATE	CVE	VULNERABILITY TITLE	RISK
2023-10-20	CVE-2022-3622	Missing Authorization vulnerability in Adenion Blog2Social The Blog2Social plugin for WordPress is vulnerable to authorization bypass due to missing capability checks in versions up to, and including, 6.9.11. network low complexity adenion CWE-862	4.3
2023-09-06	CVE-2023-40554	Unspecified vulnerability in Adenion Blog2Social Unauth. network low complexity adenion	6.1
2023-08-21	CVE-2023-3936	Unspecified vulnerability in Adenion Blog2Social The Blog2Social WordPress plugin before 7.2.1 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin network low complexity adenion	6.1
2022-10-25	CVE-2022-3247	Unspecified vulnerability in Adenion Blog2Social The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.9.10 does not have authorisation in an AJAX action, and does not ensure that the URL to make a request to is an external one. network low complexity adenion	6.5
2021-12-21	CVE-2021-24956	Unspecified vulnerability in Adenion Blog2Social The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 6.8.7 does not sanitise and escape the b2sShowByDate parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting issue network low complexity adenion	6.1
2019-11-13	CVE-2019-17550	Cross-site Scripting vulnerability in Adenion Blog2Social The Blog2Social plugin before 5.9.0 for WordPress is affected by: Cross Site Scripting (XSS). network low complexity adenion CWE-79	6.1
2019-03-05	CVE-2019-9576	Cross-site Scripting vulnerability in Adenion Blog2Social The Blog2Social plugin before 5.0.3 for WordPress allows wp-admin/admin.php?page=blog2social-ship XSS. network low complexity adenion CWE-79	6.1