PT-2025-36185 · WordPress · Hypesocial

Nguyen Xuan Chien

Published

2025-09-05

Updated

2025-09-05

CVE-2025-58846

Report an issue

CVSS v3.1

7.1

Vector

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions:

Dejan Markovic WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule versions n/a through 2020.1.0

Description:

A Cross-Site Request Forgery (CSRF) vulnerability exists in Dejan Markovic WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule. This issue also allows Reflected Cross-Site Scripting (XSS).

Recommendations:

Update Dejan Markovic WordPress Buffer – HYPESocial. Social Media Auto Post, Social Media Auto Publish and Schedule to a version later than 2020.1.0.

Fix

CSRF

Weakness Enumeration

CWE-352

Related Identifiers

CVE-2025-58846

Affected Products

Hypesocial

PT-2025-36185 · WordPress · Hypesocial

Weakness Enumeration

Related Identifiers

Affected Products

References · 3