Vulnerabilities > Smashballoon > Custom Twitter Feeds > 1.2.9

DATE CVE VULNERABILITY TITLE RISK
2024-10-31 CVE-2024-49685 Cross-Site Request Forgery (CSRF) vulnerability in Smashballoon Custom Twitter Feeds
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) allows Cross Site Request Forgery.This issue affects Custom Twitter Feeds (Tweets Widget): from n/a through 2.2.3.
network
low complexity
smashballoon CWE-352
8.8
8.8
2024-01-05 CVE-2023-52136 Unspecified vulnerability in Smashballoon Custom Twitter Feeds
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds – A Tweets Widget or X Feed Widget.This issue affects Custom Twitter Feeds – A Tweets Widget or X Feed Widget: from n/a through 2.1.2.
network
low complexity
smashballoon
8.8
8.8
2023-05-29 CVE-2022-33974 Unspecified vulnerability in Smashballoon Custom Twitter Feeds
Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Custom Twitter Feeds (Tweets Widget) plugin <= 1.8.4 versions.
network
low complexity
smashballoon
8.8
8.8