Really Simple Security logo

Log out
Get PRO

WP Social AutoConnect

  • WP Social AutoConnect on WordPress.org
  • Current version: 4.6.4
  • Last update: August 13, 2025
  • Known issues: Fixed
WP-FB AutoConnect is a WordPress plugin that allows readers to log in to a blog using their Facebook account or local WordPress credentials. The plugin offers full support for both WordPress and Buddypress, and no user interaction is required. Existing users who connect with Facebook retain the same local user accounts as before, and new visitors are given new user accounts that can be retained even if the plugin is removed. The plugin also offers a Premium addon with more advanced features.

This information is sourced from wpvulnerabilities.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Submit

Vulnerabilities

  • Input validation vulnerability in WP Social AutoConnect 4.6.3

    Fixed

    The WP-FB-AutoConnect plugin for WordPress has a security issue called Stored Cross-Site Scripting. This means that attackers who have admin access can add their own code to a page, and it will run w...

    Read More

  • Input validation vulnerability in WP Social AutoConnect 4.6.2

    Fixed

    The WP Social AutoConnect plugin for WordPress has a security issue that affects all versions up to 4.6.2. This is because it does not properly check for a specific security code when performing a ce...

    Read More

  • Input validation vulnerability in WP Social AutoConnect 4.6.1

    Fixed

    The WP-FB-AutoConnect plugin for WordPress is vulnerable to a type of attack called Cross-Site Request Forgery. Versions up to 4.6.1 of this plugin have an issue that leaves it open to attack. This i...

    Read More

  • Input validation vulnerability in WP Social AutoConnect 4.6.2

    Fixed

    The WP Social AutoConnect plugin is used for WordPress websites. There is a security vulnerability in versions up to, and including, 4.6.1. This means that unauthenticated attackers could potentially...

    Read More

  • Input validation vulnerability in WP Social AutoConnect 4.0.5

    Fixed

    The WP-FB-AutoConnect plugin for WordPress is vulnerable to a security issue called Stored Cross-Site Scripting. This security issue affects versions up to and including 4.0.5 of the plugin, and can ...

    Read More