cleantalk
Vulnerabilities and Security Researches

10WebSocial, CVE-2021-25047

CVE, Research URL

CVE-2021-25047

Home page URL

Security reports for 10WebSocial

Application

10WebSocial

Published on
Jan 10, 2022
Research Description
The 10Web Social Photo Feed WordPress plugin before 1.4.29 was affected by a reflected Cross-Site Scripting (XSS) vulnerability in the wdi_apply_changes admin page, allowing an attacker to perform such attack against any logged in users
Affected versions
Min -, max 1.4.29.
Status
vulnerable
Previous vulnerability researches
Easy Social Photos Gallery – MIF (9ee7f15134d640c2eae950910d76785cbb4fb093) , Jun 07, 2024
Kona Gallery Block (CVE-2025-25080) , Feb 05, 2025
Kona Gallery Block (CVE-2024-13400) , Feb 01, 2025
10WebSocial (CVE-2018-10301) , Jun 06, 2024
10WebSocial (CVE-2021-25047) , Jun 06, 2024
New vulnerability
MetalpriceAPI (CVE-2025-48140) , Jun 05, 2025
Broken Link Checker (CVE-2025-4047) , Jun 05, 2025
Staff Directory – Employee Directory for WordPress (CVE-2025-5531) , Jun 05, 2025
Faculty Staff and Student Directory Plugin – Campus Directory (CVE-2025-5532) , Jun 05, 2025
WordPress Social Login and Register (Discord, Google, Twitter, LinkedIn) (CVE-2025-47670) , Jun 05, 2025