Lucene search
K

7 matches found

RedhatCVE
RedhatCVE
added 2026/06/05 7:22 p.m.7 views

CVE-2026-34904

Cross-Site Request Forgery CSRF vulnerability in Analytify Simple Social Media Share Buttons allows Cross Site Request Forgery.This issue affects Simple Social Media Share Buttons: from n/a through 6.2.0...

7.5CVSS5.4AI score0.00122EPSS
Exploits0References1
CVE
CVE
added 2026/04/07 8:22 a.m.24 views

CVE-2026-34904

The CVE concerns the WordPress plugin Simple Social Buttons (also referred to as Simple Social Media Share Buttons). A CSRF vulnerability affects versions up to 6.2.0. The root cause is a Cross-Site Request Forgery flaw in the plugin, with vulnerability details corroborated by Patchstack document...

7.5CVSS5.9AI score0.00122EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:33 a.m.6 views

CVE-2023-5845

The Simple Social Media Share Buttons WordPress plugin before 5.1.1 leaks password-protected post content to unauthenticated visitors in some meta tags...

5.3CVSS6.8AI score0.00575EPSS
Exploits2
NVD
NVD
added 2025/04/15 6:15 a.m.17 views

CVE-2024-13610

The Simple Social Media Share Buttons WordPress plugin before 6.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

4.8CVSS0.00219EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/04/15 6:0 a.m.21 views

CVE-2024-13610 Simple Social Media Share Buttons < 6.0.0 - Admin+ Stored XSS

The Simple Social Media Share Buttons WordPress plugin before 6.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite...

0.00219EPSS
Exploits1References1
CVE
CVE
added 2023/11/27 4:22 p.m.53 views

CVE-2023-5845

The CVE-2023-5845 pertains to the WordPress plugin Simple Social Media Share Buttons (versions prior to 5.1.1). The underlying issue is leakage of password-protected post content to unauthenticated visitors via certain meta tags (notably og:description and twitter:description). Affected component...

5.3CVSS5.3AI score0.00575EPSS
Exploits2References1Affected Software1
CNNVD
CNNVD
added 2021/10/11 12:0 a.m.6 views

WordPress 插件 跨站脚本漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. cross-site scripting vulnerability exists in versions of WordPress Simple Social Media Share Buttons plugin prior...

4.8CVSS5.4AI score0.00598EPSS
Exploits2References2
Rows per page
Query Builder