5 matches found
CVE-2025-57981
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.3.1...
PT-2025-24234 · WordPress · Catchsquare Wp Social Widget
Name of the Vulnerable Software and Affected Versions: catchsquare WP Social Widget versions n/a through 2.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker c...
CVE-2024-27189
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5...
CVE-2024-27189
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5...
CVE-2024-27189
CVE-2024-27189 affects WordPress WP Social Widget (plugin) versions up to and including 2.2.5, with a Stored XSS due to improper input neutralization during page generation. Public reports confirm the issue (WordPress plugin page and Red Hat/NVD references) and indicate a fix was released in vers...