Feed Them Social – Social Media Feeds, Video, and Photo Galleries

Information

Software Type Plugin
Software Slug feed-them-social (view on wordpress.org)
Software Status Active
Software Author slickremix
Software Website feedthemsocial.com
Software Downloads 4,063,143
Software Active Installs 30,000
Software Record Last Updated October 3, 2024

13 Vulnerabilities

4.3
CVE ID Unknown
Mar 29, 2023
Researchers:
Title Status CVE ID CVSS Researchers Date
Feed Them Social <= 4.2.0 - Cross-Site Request Forgery via review_nag_check Patched CVE-2024-24710 3.5 Abdi Pranata January 31, 2024
Feed Them Social <= 4.0.7 - Cross-Site Request Forgery Patched 4.3 March 29, 2023
Feed Them Social <= 3.0.2 - Cross-Site Request Forgery Patched CVE-2023-25056 5.4 Rio Darmawan February 21, 2023
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.9 - Subscriber+ Stored Cross-Site Scripting Patched CVE-2022-2940 6.1 Marco Wotschka November 14, 2022
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.9 - Cross-Site Request Forgery to Settings update Patched CVE-2022-2942 8.8 Marco Wotschka November 14, 2022
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.9 - Reflected Cross-Site Scripting Patched CVE-2022-2383 6.1 dc11 July 26, 2022
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.9 - Subscriber+ Stored Cross-Site Scripting Patched CVE-2022-2532 6.1 Krzysztof Zając July 26, 2022
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.8.5 - Unauthenticated PHAR Deserialization Patched CVE-2022-2437 9.8 Rasoul Jahanshahi July 12, 2022
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.8.5 - Cross-Site Request Forgery to Plugin Settings Update Patched 9.8 July 12, 2022
Feed Them Social – for Twitter feed, Youtube and more <= 2.9.9 - Reflected Cross-Site Scripting Patched CVE-2022-2383 6.1 dc11 July 12, 2022
Feed Them Social – Page, Post, Video, and Photo Galleries <= 2.8.6 - Cross-Site Request Forgery Bypass Patched CVE-2020-36739 4.3 Jerome Bruandet September 16, 2020
Feed Them Social <= 1.6.9 - Arbitrary Shortcode Execution Patched CVE-2015-9351 9.8 James Hooker February 2, 2015
Feed Them Social <= 1.6.9 - Reflected Cross-Site Scripting Patched CVE-2015-9350 6.1 James Hooker February 2, 2015

Did you know Wordfence Intelligence provides free personal and commercial API access to our comprehensive WordPress vulnerability database, along with a free webhook integration to stay on top of the latest vulnerabilities added and updated in the database? Get started today!

Learn more

Want to get notified of the latest vulnerabilities that may affect your WordPress site?
Install Wordfence on your site today to get notified immediately if your site is affected by a vulnerability that has been added to our database.

Get Wordfence

The Wordfence Intelligence WordPress vulnerability database is completely free to access and query via API. Please review the documentation on how to access and consume the vulnerability data via API.

Documentation