Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

NextScripts — Vulnerabilities & Security Advisories 9

Browse all 9 CVE security advisories affecting NextScripts. AI-powered Chinese analysis, POCs, and references for each vulnerability.

NextScripts develops social media automation tools that enable users to manage multiple accounts and schedule content across platforms. Historically, the application has been susceptible to multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues, often stemming from insufficient input validation and improper access controls. With nine CVEs documented, these vulnerabilities have allowed attackers to execute arbitrary code, steal session cookies, and gain unauthorized administrative access. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities highlights ongoing challenges in secure development practices for automation platforms that handle sensitive social media credentials.

Top products by NextScripts: NextScripts: Social Networks Auto-Poster NextScripts
CVE IDTitleCVSSSeverityPublished
CVE-2026-3228 NextScripts: Social Networks Auto-Poster <= 4.4.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'nxs_fbembed' Shortcode — NextScripts: Social Networks Auto-PosterCWE-79 6.4 Medium2026-03-10
CVE-2026-27379 WordPress NextScripts plugin <= 4.4.7 - PHP Object Injection vulnerability — NextScriptsCWE-502 8.8 High2026-03-05
CVE-2020-36831 NextScripts: Social Networks Auto-Poster <= 4.3.17 - Missing Authorization — NextScripts: Social Networks Auto-PosterCWE-284 5.0 Medium2024-10-16
CVE-2024-37275 WordPress NextScripts plugin <= 4.4.7 - Cross Site Scripting (XSS) vulnerability — NextScriptsCWE-79 7.1 High2024-07-22
CVE-2024-1762 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Unauthenticated Stored Cross-Site Scripting via User Agent — NextScripts: Social Networks Auto-PosterCWE-79 6.1 Medium2024-05-22
CVE-2024-2088 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Authenticated(Subscriber+) Sensitive Information Exposure — NextScripts: Social Networks Auto-PosterCWE-202 8.5 High2024-05-22
CVE-2024-1446 NextScripts: Social Networks Auto-Poster <= 4.4.3 - Cross-Site Request Forgery to Arbitrary Post Deletion — NextScripts: Social Networks Auto-PosterCWE-352 5.4 Medium2024-05-22
CVE-2023-49183 WordPress NextScripts Plugin <= 4.4.2 is vulnerable to Cross Site Scripting (XSS) — NextScripts: Social Networks Auto-PosterCWE-79 7.1 High2023-12-15
CVE-2021-38356 NextScripts: Social Networks Auto-Poster <= 4.3.20 Reflected Cross-Site Scripting — NextScripts: Social Networks Auto-PosterCWE-79 6.1 Medium2021-11-01

This page lists every published CVE security advisory associated with NextScripts. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.