CVE Vulnerabilities

CVE-2024-3678

Insecure Storage of Sensitive Information

Published: Apr 26, 2024 | Modified: Jun 05, 2025
CVSS 3.x
N/A
Source:
NVD
CVSS 2.x
RedHat/V2
RedHat/V3
Ubuntu
root.io minimus.io echohq.com

The Blog2Social: Social Media Auto Post & Scheduler plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 7.4.2. This makes it possible for unauthenticated attackers to view limited information from password protected posts.

Weakness

The product stores sensitive information without properly limiting read or write access by unauthorized actors.

Affected Software

Name Vendor Start Version End Version
Blog2social Adenion * 7.5.0 (excluding)

References