Widgets for Social Photo Feed Plugin Vulnerabilities, CVEs & Patch Status

Coverage Snapshot

What this page helps you verify fast

This hub clusters every indexed record for Widgets for Social Photo Feed so operators can quickly confirm whether a disclosed issue maps to the installed slug and version range.

Patch Visibility

2 records include a published patch path.

Severity Mix

0 critical and 1 high severity finding.

Reference Workflow

Jump from the hub into the full report when you need remediation notes, CVSS vector details, or source references.

Known Vulnerabilities

Reports for Widgets for Social Photo Feed

Sorted by latest disclosure date so newly published issues surface first.

Plugin High Patched: Yes CVE-2026-5425

Widgets for Social Photo Feed <= 1.7.9 - Unauthenticated Stored Cross-Site Scripting via feed_data

The Widgets for Social Photo Feed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'feed_data' parameter keys in all versions up to, and including, 1.7.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticate...

Published

Apr 03, 2026

Patched Release

1.8.0

Affected Versions

Versions up to 1.7.9

Next Step

Update to 1.8.0 or newer if supported.

Open Full Report Open CVE Reference

Plugin Medium Patched: No CVE-2025-68595

Widgets for Social Photo Feed <= 1.7.7 - Missing Authorization

The Widgets for Social Photo Feed plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on a function in versions up to, and including, 1.7.7. This makes it possible for unauthenticated attackers to perform an unauthorized action.

Published

Dec 23, 2025

Patched Release

Not published

Affected Versions

Versions up to 1.7.7

Next Step

Open the full report for remediation notes and references.

Open Full Report Open CVE Reference

Widgets for Social Photo Feed Vulnerabilities

What this page helps you verify fast

Reports for Widgets for Social Photo Feed