MidnightBSD

Advisories for mediabetaprojects

CVE-2024-0779

The Enjoy Social Feed plugin for WordPress website WordPress plugin through 6.2.2 does not have authorisation and CSRF in various function hooked to admin_init, allowing unauthenticated users to call them and unlink arbitrary users Instagram Account for example

Products Affected

Vendor Product Version
mediabetaprojects enjoy_social_feed *