Lucene search
+L

73 matches found

Nuclei
Nuclei
added yesterday55 views

WordPress Easy Social Icons Plugin < 3.0.9 - Cross-Site Scripting

The Easy Social Icons plugin = 3.0.8 for WordPress echoes out the raw value of $SERVER'PHPSELF' in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected cross-site scripting attack by injecting malicious code in the request path...

6.1CVSS6.4AI score0.0236EPSS
Exploits2References5
RedhatCVE
RedhatCVE
added 2026/01/09 10:45 a.m.8 views

CVE-2022-0887

The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selectedicons attribute to the cnsswidget before using it in an SQL statement, leading to a SQL injection vulnerability...

7.2CVSS7.5AI score0.01265EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2026/01/09 10:44 a.m.8 views

CVE-2022-0840

The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the imagefile field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfilteredhtml capability is disallowed...

4.8CVSS6.4AI score0.00588EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2015-2194

Malware in sbrugna...

6.8CVSS6.4AI score0.02621EPSS
Exploits1References6
EUVD
EUVD
added 2025/10/07 12:30 a.m.14 views

EUVD-2021-25683

Malware in sbrugna...

6.1CVSS6.1AI score0.0236EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-15885

Malicious code in bioql PyPI...

4.8CVSS5.1AI score0.00588EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-38122

Malicious code in bioql PyPI...

4.3CVSS8.4AI score0.00411EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2023-52392

Malicious code in bioql PyPI...

6.5CVSS6.7AI score0.00377EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.8 views

EUVD-2022-15923

Malicious code in bioql PyPI...

7.2CVSS7AI score0.01265EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:42 a.m.8 views

CVE-2023-48336

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4...

6.5CVSS6.7AI score0.00377EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 1:44 a.m.12 views

CVE-2023-33998

Missing Authorization vulnerability in cybernetikz Easy Social Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through 3.2.5...

4.3CVSS8AI score0.00411EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2024/12/13 3:15 p.m.9 views

CVE-2023-33998

Missing Authorization vulnerability in CyberNetikz Easy Social Icons easy-social-icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through = 3.2.5...

4.3CVSS5.8AI score0.00411EPSS
Exploits0References3
NVD
NVD
added 2024/12/13 3:15 p.m.36 views

CVE-2023-33998

Missing Authorization vulnerability in cybernetikz Easy Social Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through 3.2.5...

4.3CVSS0.00411EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/12/13 2:23 p.m.28 views

CVE-2023-33998 WordPress Easy Social Icons plugin <= 3.2.5 - Broken Access Control vulnerability

Missing Authorization vulnerability in cybernetikz Easy Social Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through 3.2.5...

4.3CVSS0.00411EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/12/13 12:0 a.m.11 views

PT-2024-12457 · WordPress · Easy Social Icons

Name of the Vulnerable Software and Affected Versions: Easy Social Icons versions 3.2.4 and earlier Description: A broken access control vulnerability has been identified in the Easy Social Icons plugin for WordPress. This issue allows exploiting incorrectly configured access control security...

4.3CVSS8.8AI score0.00411EPSS
Exploits0References9
CNNVD
CNNVD
added 2024/12/13 12:0 a.m.4 views

WordPress plugin Easy Social Icons 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

4.3CVSS8AI score0.00411EPSS
Exploits0References1
NVD
NVD
added 2023/11/30 11:15 a.m.18 views

CVE-2023-48336

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4...

6.5CVSS0.00377EPSS
Exploits0References1
OSV
OSV
added 2023/11/30 11:15 a.m.3 views

CVE-2023-48336

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4...

5.4CVSS5.8AI score
Exploits0References1
Prion
Prion
added 2023/11/30 11:15 a.m.21 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4...

4.9CVSS6.9AI score0.00377EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/11/30 10:36 a.m.79 views

CVE-2023-48336

CVE-2023-48336 (Easy Social Icons) affects WordPress plugin Easy Social Icons (versions

6.5CVSS6.7AI score0.00377EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder