moosocial

Top products

The 15 most recently published vulnerabilities affecting moosocial.

• CVE-2018-25371mooSocial Store Plugin 2.6 SQL Injection via product parameter8.2May 25, 2026
• CVE-2023-45542Cross Site Scripting vulnerability in mooSocial 3.1.8 allows a remote attacker to obtain sensitive information via a crafted script to the q parameter in the Search function.6.1Oct 16, 2023
• CVE-2023-44813Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the mode parameter of the invite friend login function.6.1Oct 9, 2023
• CVE-2023-44812Cross Site Scripting (XSS) vulnerability in mooSocial v.3.1.8 allows a remote attacker to execute arbitrary code via a crafted payload to the admin_redirect_url parameter of the user login function.6.1Oct 9, 2023
• CVE-2023-44811Cross Site Request Forgery (CSRF) vulnerability in MooSocial v.3.1.8 allows a remote attacker to execute arbitrary code and obtain sensitive information via the admin Password Change Function.8.8Oct 9, 2023
• CVE-2023-43323mooSocial 3.1.8 is vulnerable to external service interaction on post function. When executed, the server sends a HTTP and DNS request to external server. The Parameters effected are multiple - mes...6.5Sep 28, 2023
• CVE-2023-43326A reflected cross-site scripting (XSS) vulnerability exisits in multiple url of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a crafted URL.6.1Sep 25, 2023
• CVE-2023-43325A reflected cross-site scripting (XSS) vulnerability in the data[redirect_url] parameter of mooSocial v3.1.8 allows attackers to steal user's session cookies and impersonate their account via a cra...6.1Sep 25, 2023
• CVE-2023-40869Cross Site Scripting vulnerability in mooSocial mooSocial Software 3.1.6 and 3.1.7 allows a remote attacker to execute arbitrary code via a crafted script to the edit_menu, copuon, and group_catego...6.1Sep 14, 2023
• CVE-2023-40868Cross Site Request Forgery vulnerability in mooSocial MooSocial Software v.Demo allows a remote attacker to execute arbitrary code via the Delete Account and Deactivate functions.8.8Sep 14, 2023
• CVE-2023-4175mooSocial mooTravel cross site scripting3.5Aug 6, 2023
• CVE-2023-4174mooSocial mooStore cross site scripting3.5Aug 6, 2023
• CVE-2023-4173mooSocial mooStore index cross site scripting3.5Aug 6, 2023
• CVE-2023-3849mooSocial mooDating URL find-a-match cross site scripting3.5Jul 23, 2023
• CVE-2023-3848mooSocial mooDating URL view cross site scripting3.5Jul 23, 2023