cleantalk
Vulnerabilities and Security Researches

Custom Twitter Feeds – A Tweets Widget or X Feed Widget, CVE-2024-8983

CVE, Research URL

CVE-2024-8983

Home page URL

Security reports for Custom Twitter Feeds – A Tweets Widget or X Feed Widget

Application

Custom Twitter Feeds – A Tweets Widget or X Feed Widget

Published on
Oct 08, 2024
Research Description
Custom Twitter Feeds WordPress plugin before 2.2.3 is not filtering some of its settings allowing high privilege users to inject scripts.
Affected versions
Min -, max 2.2.3.
Status
vulnerable
Previous vulnerability researches
Custom Twitter Feeds – A Tweets Widget or X Feed Widget (CVE-2024-8983) , Oct 09, 2024
Custom Twitter Feeds – A Tweets Widget or X Feed Widget (CVE-2024-49685) , Oct 25, 2024
Custom Twitter Feeds – A Tweets Widget or X Feed Widget (CVE-2022-33974) , Jun 07, 2024
Custom Twitter Feeds – A Tweets Widget or X Feed Widget (CVE-2023-52136) , Jun 07, 2024
Custom Twitter Feeds – A Tweets Widget or X Feed Widget (CVE-2024-0379) , Jun 07, 2024
New vulnerability
WP Shortcodes Plugin — Shortcodes Ultimate (CVE-2025-8015) , Jul 22, 2025
Appointment & Event Booking Calendar Plugin – Webba Booking (CVE-2025-54040) , Jul 22, 2025
Integration for Pipedrive and Contact Form 7, WPForms, Elementor, Ninja Forms (CVE-2025-7696) , Jul 21, 2025
Temporarily Hidden Content (CVE-2025-7658) , Jul 21, 2025
Testimonial Post type (CVE-2025-5800) , Jul 21, 2025