Easy Social Icons plugin is prone to a cross-site request forgery vulnerability because of insufficient validation is performed on the “image_file” parameter which allows arbitrary JavaScript.
Upgrade the plugin.
CPE | Name | Operator | Version |
---|---|---|---|
easy social icons | le | 1.2.2 |