PT-2025-43718 · WordPress · Wp Social Feed Gallery
3R1C
·
Publicado
2025-10-25
·
Atualizado
2025-10-25
·
CVE-2025-10637
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
Social Feed Gallery plugin for WordPress versions prior to 4.9.3
Description
The Social Feed Gallery plugin for WordPress is susceptible to Information Exposure due to inadequate user authorization verification. This allows unauthenticated attackers to extract Instagram profile and media data from any account connected to the website.
Recommendations
Update the Social Feed Gallery plugin to version 4.9.3 or later.
Correção
Missing Authorization
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Wp Social Feed Gallery