{"id":7615,"date":"2025-07-04T16:07:26","date_gmt":"2025-07-04T16:07:26","guid":{"rendered":"http:\/\/localhost\/?p=7615"},"modified":"2025-07-04T16:07:26","modified_gmt":"2025-07-04T16:07:26","slug":"nextscripts-social-networks-auto-poster-443-authenticatedsubscriber-sensitive-information-exposure","status":"publish","type":"post","link":"https:\/\/zero.redgem.net\/?p=7615","title":{"rendered":"NextScripts: Social Networks Auto-Poster <= 4.4.3 - Authenticated(Subscriber+) Sensitive Information Exposure"},"content":{"rendered":"
\n

CVE Details<\/h2>\n
\n
\n

Basic Information<\/h3>\n\n\n\n\n\n
Title<\/th>\nNextScripts: Social Networks Auto-Poster <= 4.4.3 - Authenticated(Subscriber+) Sensitive Information Exposure<\/td>\n<\/tr>\n
Type<\/th>\ncve<\/td>\n<\/tr>\n
Published<\/th>\n2024-05-22T06:50:34.168Z<\/td>\n<\/tr>\n
Modified<\/th>\n2024-08-01T19:03:39.186Z<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Product Information<\/h3>\n\n\n\n\n
Vendor<\/th>\nnextscripts<\/td>\n<\/tr>\n
Product<\/th>\nNextScripts: Social Networks Auto-Poster<\/td>\n<\/tr>\n
Version<\/th>\n*<\/td>\n<\/tr>\n<\/table>\n<\/div>\n<\/div>\n
\n

CVSS Information<\/h3>\n\n\n\n
Base Score<\/th>\n8.5 (HIGH)<\/td>\n<\/tr>\n
Attack Vector<\/th>\nCVSS:3.1\/AV:N\/AC:L\/PR:L\/UI:N\/S:C\/C:H\/I:L\/A:N<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

AI Analysis<\/h3>\n\n\n\n\n\n\n
AI Description<\/th>\nThe NextScripts: Social Networks Auto-Poster plugin for WordPress is vulnerable to sensitive information exposure. Authenticated attackers with subscriber access or higher can extract sensitive data, including social network API keys and secrets, due to improper access controls in the ‘nxs_getExpSettings’ function.<\/td>\n<\/tr>\n
AI Severity<\/th>\nHigh<\/td>\n<\/tr>\n
AI Vendor<\/th>\nWordPress Community<\/td>\n<\/tr>\n
AI Product<\/th>\nNextScripts: Social Networks Auto-Poster<\/td>\n<\/tr>\n
AI Version<\/th>\n<=4.4.3<\/td>\n<\/tr>\n<\/table>\n<\/div>\n
\n

Affected Products<\/h4>\n