CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2018-20555

The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to discover Twitter access_token, access_token_secret, consumer_key, and consumer_secret values by reading the dcwp_twitter.php source code. This leads to Twitter account takeover.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.401

EPSS Ranking 97.2%

CVSS Severity

CVSS v3 Score 9.8

CVSS v2 Score 7.5

References

https://github.com/fs0c131y/CVE-2018-20555
https://twitter.com/fs0c131y/status/1085828186708066304
https://wpvulndb.com/vulnerabilities/9204
https://github.com/fs0c131y/CVE-2018-20555
https://twitter.com/fs0c131y/status/1085828186708066304
https://wpvulndb.com/vulnerabilities/9204

Products affected by CVE-2018-20555

Designchemical » Social Network Tabs » Version: 1.7.1

cpe:2.3:a:designchemical:social_network_tabs:1.7.1

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2018-20555

Products

Pricing

Contact Us