cleantalk
Vulnerabilities and Security Researches

WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule, CVE-2025-58846

CVE, Research URL

CVE-2025-58846

Home page URL

Security reports for WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Application

WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule

Published on
Sep 05, 2025
Research Description
Cross-Site Request Forgery (CSRF) vulnerability in Dejan Markovic WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule allows Reflected XSS. This issue affects WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule: from n/a through 2020.1.0.
Affected versions
Min -, max 2020.1.0.
Status
vulnerable
Previous vulnerability researches
Everest News (CVE-2023-28687) , Jun 10, 2024
Everest News (CVE-2023-27421) , Jun 10, 2024
New vulnerability
TrustMate.io – WooCommerce integration (CVE-2025-58802) , Sep 08, 2025
Woocommerce Notify Updated Product (CVE-2025-58856) , Sep 08, 2025
Site Info (CVE-2025-58866) , Sep 08, 2025
Authors List (CVE-2025-58792) , Sep 07, 2025
License Manager for WooCommerce (CVE-2025-58788) , Sep 07, 2025