cleantalk
Vulnerabilities and Security Researches

WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule, 2c8c0b2b2d4ff396dbd5a808758cae1b5becb48a

CVE, Research URL

2c8c0b2b2d4ff396dbd5a808758cae1b5becb48a

Home page URL

Security reports for WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Application

WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Published on
Feb 28, 2022
Research Description
WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule [buffer-my-post] <= 2020.1.0 (unfixed) WordPress "WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule" plugin <= 2020.1.0 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability discovered in WordPress "WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule" plugin (versions <= 2020.1.0).
Affected versions
Min -, max 2020.1.0.
Status
vulnerable
Previous vulnerability researches
WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule (2c8c0b2b2d4ff396dbd5a808758cae1b5becb48a) , Jun 06, 2024
WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule (CVE-2022-4974) , Nov 15, 2024
WordPress Buffer &#8211; HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule (CVE-2025-58846) , Sep 07, 2025
New vulnerability
Zakra (CVE-2025-8595) , Sep 15, 2025
PDF Embedder , Sep 11, 2025
Pixeline&#039;s Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025
PagSeguro / PagBank Connect (CVE-2025-10142) , Sep 11, 2025