EUVD-2025-2719

Malicious code in bioql PyPI...

Malicious code in mashshare (npm)

The package mashshare was found to contain malicious code...

MAL-2025-25985 Malicious code in mashshare (npm)

The package mashshare was found to contain malicious code...

CVE-2025-22319

Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a through 4.0.47...

CVE-2022-4544

The MashShare WordPress plugin before 3.8.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...

CVE-2025-22319

Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a through 4.0.47...

CVE-2025-22319

CVE-2025-22319 is described in the connected Red Hat entry as a Missing Authorization vulnerability in DearHive Social Media Share Buttons (MashShare), affecting MashShare from version n/a up to 4.0.47. Public details in the provided documents are limited to this description; no explicit root-cau...

CVE-2025-22319 WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability

Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare mashsharer.This issue affects Social Media Share Buttons | MashShare: from n/a through = 4.0.47...

CVE-2025-22319 WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability

Missing Authorization vulnerability in DearHive Social Media Share Buttons | MashShare.This issue affects Social Media Share Buttons | MashShare: from n/a through 4.0.47...

PT-2025-4434 · Unknown · Social Media Share Buttons | Mashshare

Name of the Vulnerable Software and Affected Versions: Social Media Share Buttons | MashShare versions n/a through 4.0.47 Description: The issue is related to a Missing Authorization vulnerability in Social Media Share Buttons | MashShare. This vulnerability affects the authorization process,...

WordPress plugin Social Media Share Buttons | MashShare 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

WordPress MashShare plugin <= 4.0.47 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Trương Hữu Phúc Patchstack Alliance in WordPress Plugin Social Media Share Buttons | MashShare versions = 4.0.47...

CVE-2022-4544

The MashShare WordPress plugin before 3.8.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...

CVE-2022-4544

The MashShare WordPress plugin before 3.8.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...

CVE-2022-4544 MashShare < 3.8.7 - Contributor+ Stored XSS

The MashShare WordPress plugin before 3.8.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...

CVE-2022-4544

The CVE-2022-4544 issue affects the MashShare WordPress plugin (versions before 3.8.7). The root cause is failure to validate and escape certain shortcode attributes, enabling Stored XSS by users with as little as a contributor, potentially impacting admins. A fix is available: update to version ...

CVE-2022-4544 MashShare < 3.8.7 - Contributor+ Stored XSS

The MashShare WordPress plugin before 3.8.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege...

WordPress plugin MashShare 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

PT-2023-14668 · WordPress · Mashshare

Name of the Vulnerable Software and Affected Versions: MashShare WordPress plugin versions prior to 3.8.7 Description: The issue concerns a lack of validation and escaping of certain shortcode attributes, which can lead to Stored Cross-Site Scripting attacks. Users with a role as low as contribut...

MashShare < 3.8.7 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Exploit:...