CVE Details
Basic Information
| Title |
CVE-2025-4133 |
| Type |
cve |
| Published |
2025-05-22T06:15:57 |
| Last Seen |
2025-05-22T06:21:39 |
CVSS Information
| Base Score |
0.0 () |
| Attack Vector |
|
| Attack Complexity |
|
| Privileges Required |
|
| User Interaction |
|
| Scope |
|
| Confidentiality Impact |
|
| Integrity Impact |
|
| Availability Impact |
|
AI Analysis
| AI Description |
The Blog2Social plugin for WordPress is vulnerable to Cross-Site Scripting (XSS) due to improper sanitization of post titles. This vulnerability allows contributors to inject malicious scripts into the dashboard, potentially compromising the site’s security. |
| AI Severity |
Medium |
| Vendor |
Blog2Social Team |
| Product |
Blog2Social: Social Media Auto Post & Scheduler |
| Affected Version |
Before 8.4.0 |
Additional Information
| CVE List |
CVE-2025-4133 |
| CWE List |
|
| Bulletin Family |
cve |
Description
The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them in a dashboard, which could allow users with the contributor role to perform Cross-Site Scripting attacks.
CVSS Score Summary
Base Score: %!f(string=#) ()
View Full CVE Details
