Browse all 3 CVE security advisories affecting ClickToTweet.com. AI-powered Chinese analysis, POCs, and references for each vulnerability.
ClickToTweet.com is a web service enabling users to create tweetable links that automatically populate pre-written messages. Historically, the platform has been vulnerable to cross-site scripting (XSS) and remote code execution (RCE) due to improper input validation and insecure handling of user-generated content. The service has three documented CVEs, including multiple XSS flaws that allowed attackers to execute malicious scripts in victims' browsers. While no major security incidents have been widely reported, the recurring nature of these vulnerabilities suggests consistent challenges in sanitizing user inputs and implementing robust content security policies.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2023-41857 | WordPress Click To Tweet plugin <= 2.0.14 - Broken Access Control vulnerability — Click To Tweet (CWE-862) | 5.4 | Medium | 2024-12-13 |
| CVE-2024-23514 | WordPress Click To Tweet Plugin <= 2.0.14 is vulnerable to Cross Site Scripting (XSS) — Click To Tweet (CWE-79) | 6.5 | Medium | 2024-02-10 |
| CVE-2023-41856 | WordPress Click To Tweet Plugin <= 2.0.14 is vulnerable to Cross Site Scripting (XSS) — Click To Tweet (CWE-79) | 7.1 | High | 2023-10-02 |
This page lists every published CVE security advisory associated with ClickToTweet.com. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.