Lucene search
K

5 matches found

OSV
OSV
added 2025/09/22 7:15 p.m.6 views

CVE-2025-57981

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catchsquare WP Social Widget allows Stored XSS. This issue affects WP Social Widget: from n/a through 2.3.1...

5.4CVSS5.8AI score0.00197EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/06/06 12:0 a.m.7 views

PT-2025-24234 · WordPress · Catchsquare Wp Social Widget

Name of the Vulnerable Software and Affected Versions: catchsquare WP Social Widget versions n/a through 2.3 Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an attacker c...

6.5CVSS6.1AI score0.00216EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2025/05/23 9:58 a.m.10 views

CVE-2024-27189

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5...

6.5CVSS8.6AI score0.00337EPSS
Exploits0References1
NVD
NVD
added 2024/03/15 1:15 p.m.21 views

CVE-2024-27189

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5...

6.5CVSS6.4AI score0.00337EPSS
Exploits0References1
CVE
CVE
added 2024/03/15 12:52 p.m.71 views

CVE-2024-27189

CVE-2024-27189 affects WordPress WP Social Widget (plugin) versions up to and including 2.2.5, with a Stored XSS due to improper input neutralization during page generation. Public reports confirm the issue (WordPress plugin page and Red Hat/NVD references) and indicate a fix was released in vers...

6.5CVSS8.6AI score0.00337EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder