cleantalk
Vulnerabilities and Security Researches

Autopost for X (formerly Autoshare for Twitter), CVE-2022-25912

CVE, Research URL

CVE-2022-25912

Home page URL

Security reports for Autopost for X (formerly Autoshare for Twitter)

Application

Autopost for X (formerly Autoshare for Twitter)

Published on
Dec 06, 2022
Research Description
The package simple-git before 3.15.0 are vulnerable to Remote Code Execution (RCE) when enabling the ext transport protocol, which makes it exploitable via clone() method. This vulnerability exists due to an incomplete fix of [CVE-2022-24066](https://security.snyk.io/vuln/SNYK-JS-SIMPLEGIT-2434306).
Affected versions
Min -, max 1.3.0.
Status
vulnerable
Previous vulnerability researches
Autopost for X (formerly Autoshare for Twitter) (CVE-2022-38900) , Jun 06, 2024
Autopost for X (formerly Autoshare for Twitter) (CVE-2022-25912) , Jun 06, 2024
Autopost for X (formerly Autoshare for Twitter) (CVE-2022-25858) , Jun 06, 2024
New vulnerability
WP Edit (CVE-2025-53253) , Jul 01, 2025
Accept Authorize.NET Payments Using Contact Form 7 (CVE-2025-53322) , Jul 01, 2025
Owl carousel responsive (CVE-2025-5590) , Jul 01, 2025
App Builder – Create Native Android & iOS Apps On The Flight (CVE-2025-49989) , Jul 01, 2025
Sitekit (CVE-2025-50047) , Jul 01, 2025