cleantalk
Vulnerabilities and Security Researches

Twittee Text Tweet, CVE-2023-0602

CVE, Research URL

CVE-2023-0602

Home page URL

Security reports for Twittee Text Tweet

Application

Twittee Text Tweet

Published on
Jul 31, 2023
Research Description
The Twittee Text Tweet WordPress plugin through 1.0.8 does not properly escape POST values which are printed back to the user inside one of the plugin's administrative page, which allows reflected XSS attacks targeting administrators to happen.
Affected versions
max 1.0.8.
Status
vulnerable
Previous vulnerability researches
Twittee Text Tweet (CVE-2026-4089) , Apr 23, 2026
Twittee Text Tweet (CVE-2023-0602) , Jun 07, 2024
New vulnerability
AutomatorWP – The #1 automator plugin for no-code automation in WordPress (CVE-2025-9539) , Apr 23, 2026
ExactMetrics – Google Analytics Dashboard for WordPress (Website Stats Plugin) (CVE-2026-5464) , Apr 23, 2026
Kcaptcha (CVE-2026-4121) , Apr 23, 2026
mCatFilter (CVE-2026-4139) , Apr 23, 2026
Short Comment Filter (CVE-2026-3362) , Apr 23, 2026