5 matches found
CVE-2024-1989
creationtimestamp| type| source ---|---|--- 2024-03-06 07:26:46+00:00| seen| https://t.me/ctinow/201063 2024-03-06 07:31:12+00:00| seen| https://t.me/ctinow/201067...
CVE-2024-1989
The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'SassySocialShare' shortcode in all versions up to, and including, 3.3.58 due to insufficient input sanitization and output escaping on user supplied attributes such a...
CVE-2024-1989
The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'SassySocialShare' shortcode in all versions up to, and including, 3.3.58 due to insufficient input sanitization and output escaping on user supplied attributes such a...
CVE-2024-1989
CVE-2024-1989 affects the WordPress Social Sharing Plugin – Sassy Social Share (up to v3.3.58). Root cause: insufficient input sanitization and output escaping on shortcode attributes (e.g., url), enabling stored XSS. Impact: authenticated attackers with contributor+ can inject scripts that execu...
WordPress Sassy Social Share Plugin <= 3.3.58 is vulnerable to Cross Site Scripting (XSS)
Software Sassy Social Share Type Plugin Vulnerable versions = 3.3.58 Fixed in 3.3.59 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1989 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 45fbfca66ad6 Credits Bassem Essam Requir...