CVE-2024-49272 MEDIUM

CVE-2024-49272: WordPress Social Auto Poster plugin <= 5.3.15 - Cross Site Request Forgery (CSRF) vulnerability

Vendor Wpweb

Product Social Auto Poster

Weakness CWE-352 · CSRF

Published October 20, 2024

Last update April 28, 2026

View on NVD All CVEs

CVSS base score

4.3/10

Attack vector Network

Attack complexity Low

Privileges required None

User interaction Required

Confidentiality None

Integrity Low

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:N/I:L/A:N

What the vulnerability does

01Description

Cross-Site Request Forgery (CSRF) vulnerability in wpweb Social Auto Poster social-auto-poster allows Cross Site Request Forgery.This issue affects Social Auto Poster: from n/a through <= 5.3.15.

Key dates

02Disclosure timeline

October 20, 2024 CVE published

April 28, 2026 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-49272 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/352.html

Related vulnerabilities

04Related CVE

CVE-2024-13709 Linear <= 2.8.1 - Cross-Site Request Forgery to Cache Reset CVE-2025-32264 WordPress UltraAddons – Elementor Addons plugin <= 2.0.2 - Cross Site Request Forgery (CSRF) vulnerability CVE-2024-0515 Royal Elementor Addons and Templates <= 1.3.87 - Cross-Site Request Forgery via remove_from_compare CVE-2024-3215 Paid Memberships Pro <= 3.0.1 - Cross-Site Request Forgery CVE-2022-1845 WP Post Styling < 1.3.1 - Multiple CSRF