CVE-2025-4133 - Adenion Blog2social

Moderate 5.4

The Blog2Social: Social Media Auto Post & Scheduler WordPress plugin before 8.4.0 does not escape the title of posts when outputting them in a dashboard, which could allow users with the contributor role to perform Cross-Site Scripting attacks.

Affected software

Adenion Blog2social

Reference links

Get alerted to vulnerabilities in your software

CVE alerts, vulnerability alerts, latest versions and news matched to your software stack.