CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Floating Social Bar floating-social-bar allows Stored XSS.This issue affects Floating Social Bar: from n/a through = 1.1.7...

5.9CVSS7.2AI score0.00225EPSS

Exploits0References1

NVD•added 2025/04/24 4:15 p.m.•6 views

CVE-2025-46451

5.9CVSS0.00225EPSS

Exploits0References1

Cvelist•added 2025/04/24 4:9 p.m.•14 views

CVE-2025-46451 WordPress Floating Social Bar plugin <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

5.9CVSS0.00225EPSS

Exploits0References1

Vulnrichment•added 2025/04/24 4:9 p.m.•4 views

CVE-2025-46451 WordPress Floating Social Bar <= 1.1.7 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Syed Balkhi Floating Social Bar allows Stored XSS. This issue affects Floating Social Bar: from n/a through 1.1.7...

5.9CVSS6.7AI score0.00225EPSS

Exploits0References1

CVE•added 2025/04/24 4:9 p.m.•50 views

CVE-2025-46451

CVE-2025-46451 is a stored XSS in the WordPress plugin Floating Social Bar , affecting versions up to 1.1.7. Root cause: improper neutralization of input during web page generation. Impact is described as stored cross-site scripting with logs indicating Medium severity (CVSS v3.1 base score 5.9)....

5.9CVSS7.2AI score0.00225EPSS

Exploits0References1

CNNVD•added 2025/04/24 12:0 a.m.•1 views

WordPress plugin Floating Social Bar 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.1AI score0.00225EPSS

Exploits0References2

Positive Technologies•added 2025/04/24 12:0 a.m.•2 views

PT-2025-17774 · Unknown · Syed Balkhi Floating Social Bar

Name of the Vulnerable Software and Affected Versions: Syed Balkhi Floating Social Bar versions 1.1.7 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting, which allows Stored XSS. This means that an...

5.9CVSS6.2AI score0.00225EPSS

Exploits0References3

Cvelist•added 2017/09/19 3:0 p.m.•17 views

CVE-2015-3299

Cross-site scripting XSS vulnerability in the Floating Social Bar plugin before 1.1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to original service order...

6.1AI score0.01766EPSS

Exploits1References3

CVE•added 2017/09/19 3:0 p.m.•40 views

CVE-2015-3299

CVE-2015-3299 refers to a Cross-site Scripting (XSS) vulnerability in the WordPress plugin Floating Social Bar, affected versions prior to 1.1.7. The issue allows remote attackers to inject arbitrary script/HTML via vectors related to the original service order. Impact is consistent with a user-f...

6.1CVSS6AI score0.01766EPSS

Exploits1References3Affected Software1

seebug.org•added 2015/09/25 12:0 a.m.•18 views

Floating Social Bar 1.1.5 XSS

Everyone can access saveorder. File: floating-social-bar\class-floating-social-bar.php addaction 'wpajaxfsbsaveorder', array $this, 'saveorder' ; addaction 'wpajaxnoprivfsbsaveorder', array $this, 'saveorder' ; $REQUEST'items' is not escaped. File: floating-social-bar\class-floating-social-bar.ph...

6.9AI score

Exploits0

CNVD•added 2015/07/20 12:0 a.m.•5 views

WordPress Floating Social Bar Plugin Cross-Site Scripting Vulnerability

WordPress is a blogging platform developed using the PHP language that allows users to set up their own websites on servers that support PHP and MySQL databases. A cross-site scripting vulnerability exists in the 'saveorder' function in the class-floating-social-bar.php script in versions of the...

4.3CVSS6.1AI score0.02067EPSS

Exploits2References1

Prion•added 2015/07/16 3:59 p.m.•12 views

Cross site scripting

Cross-site scripting XSS vulnerability in the saveorder function in class-floating-social-bar.php in the Floating Social Bar plugin before 1.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the items parameter in an fsbsaveorder action to wp-admin/admin-ajax.ph...

4.3CVSS6.3AI score0.02067EPSS

Exploits2References5Affected Software1

NVD•added 2015/07/16 3:59 p.m.•15 views

CVE-2015-5528

4.3CVSS5.8AI score0.02067EPSS

Exploits2References5

CVE•added 2015/07/16 3:0 p.m.•35 views

CVE-2015-5528

The CVE-2015-5528 entry concerns the WordPress Floating Social Bar plugin (pre-1.1.6). The XSS vulnerability arises in the save_order function within class-floating-social-bar.php, where the items[] parameter in the fsb_save_order action to wp-admin/admin-ajax.php is not properly filtered, allowi...

4.3CVSS6AI score0.02067EPSS

Exploits2References5Affected Software1

Patchstack•added 2015/07/16 12:0 a.m.•18 views

WordPress Floating Social Bar Plugin <= 1.1.5 - XSS

This vulnerability allows an attacker to inject arbitrary web script or HTML via the "items" parameter in an fsbsaveorder action to wp-admin/admin-ajax.php. Solution Update the plugin...

4.3CVSS2.5AI score0.02067EPSS

Exploits2References1Affected Software1

Packet Storm•added 2015/07/14 12:0 a.m.•19 views

WordPress Floating Social Bar 1.1.5 Cross Site Scripting

Exploit Title: Floating Social Bar 1.1.5 XSS Date: 09-01-2015 Software Link: https://wordpress.org/plugins/floating-social-bar/ Exploit Author: Kacper Szurek Contact: http://twitter.com/KacperSzurek Website: http://security.szurek.pl/ Category: webapps 1. Description Everyone can access saveorder...

7.4AI score

Exploits0

CNVD•added 2015/04/14 12:0 a.m.•5 views

WordPress Floating Social Bar Plugin HTML Injection Vulnerability

WordPress is a set of WordPress Software Foundation's blogging platform developed using the PHP language, which supports personal blog sites on servers with PHP and MySQL. An HTML injection vulnerability exists in the WordPress Floating Social Bar plugin. This vulnerability allows attackers to...

6.1CVSS7.8AI score0.01766EPSS

Exploits1References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by