cleantalk
Vulnerabilities and Security Researches

10WebSocial, CVE-2018-10301

CVE, Research URL

CVE-2018-10301

Home page URL

Security reports for 10WebSocial

Application

10WebSocial

Published on
Apr 23, 2018
Research Description
Cross-site scripting (XSS) vulnerability in the Web-Dorado Instagram Feed WD plugin before 1.3.1 Premium for WordPress allows remote attackers to inject arbitrary web script or HTML by passing payloads in a comment on an Instagram post.
Affected versions
Min -, max 1.4.19.
Status
vulnerable
Previous vulnerability researches
Easy Social Photos Gallery – MIF (9ee7f15134d640c2eae950910d76785cbb4fb093) , Jun 07, 2024
Kona Gallery Block (CVE-2025-25080) , Feb 05, 2025
Kona Gallery Block (CVE-2024-13400) , Feb 01, 2025
10WebSocial (CVE-2018-10301) , Jun 06, 2024
10WebSocial (CVE-2021-25047) , Jun 06, 2024
New vulnerability
MetalpriceAPI (CVE-2025-48140) , Jun 05, 2025
Broken Link Checker (CVE-2025-4047) , Jun 05, 2025
Staff Directory – Employee Directory for WordPress (CVE-2025-5531) , Jun 05, 2025
Faculty Staff and Student Directory Plugin – Campus Directory (CVE-2025-5532) , Jun 05, 2025
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) (CVE-2025-47670) , Jun 05, 2025