WordPress Plugin Vulnerabilities

Blog2Social <= 5.0.0 - PHP Obj Injection

Description

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin was affected by a PHP Obj Injection security vulnerability.

Affects Plugins

Plugin icon
blog2social
Fixed in 5.0.1

References

URL
https://plugins.trac.wordpress.org/changeset?reponame=&new=1944620%40blog2social&old=1942896%40blog2social

Classification

Type
OBJECT INJECTION
OWASP top 10
A8: Insecure Deserialization
CWE
CWE-502

Miscellaneous

Verified
No
WPVDB ID
92cecc9e-30cc-4d7b-8b26-d3febf834f00

Timeline

Publicly Published
2018-09-21 (about 7 years ago)
Added
2019-06-19 (about 6 years ago)
Last Updated
2019-06-19 (about 6 years ago)

Other

Published
Title
Published
2024-02-09
Title
Brooklyn <= 4.9.7.6 - PHP Object Injection
Published
2026-03-17
Title
Travel Booking WordPress Theme < 3.2.8.1 - Unauthenticated PHP Object Injection
Published
2025-09-03
Title
LTL Freight Quotes - TQL Edition < 1.2.7 - Authenticated (Administrator+) PHP Object Injection
Published
2025-08-23
Title
PDF for WPForms < 6.5.1 - Authenticated (Subscriber+) PHP Object Injection
Published
2025-07-16
Title
JetFormBuilder < 3.5.2 - Authenticated (Administrator+) PHP Object Injection