cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches forbuffer-my-post buffer-my-post

Direction: ascending
Jun 06, 2024

WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule # 2c8c0b2b2d4ff396dbd5a808758cae1b5becb48a

CVE, Research URL

2c8c0b2b2d4ff396dbd5a808758cae1b5becb48a

Home page URL

Security reports for WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Application

WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Date
Feb 28, 2022
Research Description
WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule [buffer-my-post] <= 2020.1.0 (unfixed) WordPress "WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule" plugin <= 2020.1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress "WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule" plugin (versions <= 2020.1.0).
Affected versions
Min -, max -.
Status
vulnerable
Nov 15, 2024

WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule # CVE-2022-4974

CVE, Research URL

CVE-2022-4974

Home page URL

Security reports for WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Application

WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Date
Oct 16, 2024
Research Description
The Freemius SDK, as used by hundreds of WordPress plugin and theme developers, was vulnerable to Cross-Site Request Forgery and Information disclosure due to missing capability checks and nonce protection on the _get_debug_log, _get_db_option, and the _set_db_option functions in versions up to, and including 2.4.2. Any WordPress plugin or theme running a version of Freemius less than 2.4.3 is vulnerable.
Affected versions
Min -, max -.
Status
vulnerable
Sep 07, 2025

WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule # CVE-2025-58846

CVE, Research URL

CVE-2025-58846

Home page URL

Security reports for WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Application

WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Date
Sep 05, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Dejan Markovic WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule allows Reflected XSS. This issue affects WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule: from n/a through 2020.1.0.
Affected versions
Min -, max -.
Status
vulnerable