VYPR

Custom Facebook Feed

by WordPress

Source repositories

CVEs (3)

  • CVE-2021-25065MedJan 17, 2022
    risk 0.35cvss 5.4epss 0.01

    The Smash Balloon Social Post Feed WordPress plugin before 4.1.1 was affected by a reflected XSS in custom-facebook-feed in cff-top admin page.

  • CVE-2025-49937MedOct 22, 2025
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Syed Balkhi Smash Balloon Social Post Feed custom-facebook-feed allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Smash Balloon Social Post Feed: from n/a through <= 4.3.2.

  • CVE-2024-31379MedApr 15, 2024
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Smash Balloon Smash Balloon Social Post Feed.This issue affects Smash Balloon Social Post Feed: from n/a through 4.2.1.