cleantalk
Vulnerabilities and Security Researches

Easy Twitter Feed, CVE-2024-10666

CVE, Research URL

CVE-2024-10666

Home page URL

Security reports for Easy Twitter Feed

Application

Easy Twitter Feed

Published on
Nov 22, 2024
Research Description
The Easy Twitter Feed – Twitter feeds plugin for WP plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 1.2.6 via the [etf] shortcode. This makes it possible for authenticated attackers, with Contributor-level access and above, to extract data from password protected, private, or draft posts that they should not have access to.
Affected versions
max 1.2.6.
Status
vulnerable
Previous vulnerability researches
Easy Twitter Feed (CVE-2026-53736) , Jun 13, 2026
Easy Twitter Feed (CVE-2024-10666) , Nov 24, 2024
Easy Twitter Feed (CVE-2021-24413) , Jun 07, 2024
New vulnerability
Error Log Monitor (CVE-2023-33999) , Jun 13, 2026
Stackable – Page Builder Gutenberg Blocks (CVE-2023-33999) , Jun 13, 2026
WordPress Translation plugin for Post, Pages & WooCommerce products. Tranzly IO AI DeepL automatic WordPress Translator. (CVE-2023-33999) , Jun 13, 2026
Divi Forms Styler – Gravity Forms, Fluent Forms & Contact Form 7 (CVE-2023-33999) , Jun 13, 2026
EmbedPress – Embed PDF, Google Docs, Vimeo, Wistia, Embed YouTube Videos, Audios, Maps & Embed Any Documents in Gutenberg (CVE-2023-33999) , Jun 13, 2026