Blog2Social: Social Media Auto Post & Scheduler, CVE-2025-4133

CVE, Research URL: CVE-2025-4133
Home page URL: Security reports for Blog2Social: Social Media Auto Post & Scheduler
Application: Blog2Social: Social Media Auto Post & Scheduler
Published on: May 22, 2025
Research Description: The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them in a dashboard, which could allow users with the contributor role to perform Cross-Site Scripting attacks.
Affected versions: Min -, max 8.4.0.
Status: vulnerable

Blog2Social: Social Media Auto Post &amp; Scheduler, CVE-2025-4133