Medium 4.3
2025-10-22< 4.3.3
CVE-2025-49937
Smash Balloon Social Post Feed – Simple Social Feeds for WordPress
Minimum safe version
4.3.3
Update to 4.3.3 or later to address 8 fixable vulnerabilities
Latest available4.7.6 ✓
Medium 6.4
2025-06-11< 4.3.2
WordPress Smash Balloon Social Post Feed Plugin <= 4.3.1 is vulnerable to Cross Site Scripting (XSS)
Medium 4.3
2024-04-15< 4.2.2
CVE-2024-31379
N/A
2021-07-20< 2.19.2
Smash Balloon Plugins (Various Versions) - Reflected Cross-Site Scripting
Medium 5.4
2023-01-16< 4.1.6
CVE-2022-4477
Medium 6.1
2021-09-13< 2.19.2
CVE-2021-24508
Medium 5.4
2021-11-29< 4.0.1
CVE-2021-24918
Medium 5.4
2022-01-17< 4.1.1
CVE-2021-25065