Back to search
CVE-2018-20555
Published: Mar 18, 2019
Modified: Aug 5, 2024
PUBLISHED
Description
The Design Chemical Social Network Tabs plugin 1.7.1 for WordPress allows remote attackers to discover Twitter access_token, access_token_secret, consumer_key, and consumer_secret values by reading the dcwp_twitter.php source code. This leads to Twitter account takeover.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
https://wpvulndb.com/vulnerabilities/9204
x_refsource_MISC
https://twitter.com/fs0c131y/status/1085828186708066304
x_refsource_MISC
https://github.com/fs0c131y/CVE-2018-20555
x_refsource_MISC
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now