CVE-2026-12002 | Smash Balloon Easy Social Feeds Plugin up to 6.11.1 oEmbed maybe_connection_data cross-site request forgery

SecurityVulns

A vulnerability described as problematic has been identified in Smash Balloon Easy Social Feeds Plugin up to 6.11.1. This impacts the function maybe_connection_data of the component oEmbed Handler. The manipulation results in cross-site request forgery.

This vulnerability is identified as CVE-2026-12002. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More