Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting

The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. id: CVE-2017-18500 info: name: Social Buttons Pack by BestWebSof 1.1.1 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The social-buttons-pack plugin before 1.1.1 for WordPress has...

CVE-2026-4063

The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the addmenuitem method hooked to adminmenu in all versions up to, and including, 4.5.8. This is due to the method performing wpinsertpost and...

EUVD-2026-11786

The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the addmenuitem method hooked to adminmenu in all versions up to, and including, 4.5.8. This is due to the method performing wpinsertpost and...

CVE-2026-4063

The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the addmenuitem method hooked to adminmenu in all versions up to, and including, 4.5.8. This is due to the method performing wpinsertpost and...

CVE-2022-0874

The WP Social Buttons WordPress plugin through 2.1 does not sanitise and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2025-64198

CVE-2025-64198 affects the WordPress plugin Easy Social Share Buttons (easy-social-share-buttons3). Affected versions are before 10.7.1. The vulnerability is described as cross-site scripting (XSS); the CVE entry notes Reflected XSS, while Red Hat/Wordfence records underscore an XSS issue in vers...

CVE-2025-49953

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themeinity ShareBang, Ultimate Social Share Buttons for WordPress sharebang allows Reflected XSS.This issue affects ShareBang, Ultimate Social Share Buttons for WordPress: from n/a through = 1.4...

EUVD-2017-9694

Malware in sbrugna...

WordPress ShareBang, Ultimate Social Share Buttons for WordPress Plugin <= 1.4 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin ShareBang, Ultimate Social Share Buttons for WordPress versions = 1.4...

CVE-2017-18578

The crafty-social-buttons plugin before 1.5.8 for WordPress has XSS...

CVE-2017-18500

The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues...

WordPress Floating Social Buttons plugin <= 1.5 - Cross-Site Request Forgery vulnerability

Cross-Site Request Forgery vulnerability discovered by Yoshihito Kamata in WordPress Plugin Floating Social Buttons versions = 1.5...

WordPress Floating Social Buttons Plugin <= 1.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Floating Social Buttons Type Plugin Vulnerable versions = 1.5 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-6405 Patch priority Low CVSS severity Low 5.4 Developer Claim ownership PSID 99d69d9e8109 Credits Yoshihito Kamata...

CVE-2024-6405 Floating Social Buttons <= 1.5 - Cross-Site Request Forgery

The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floatingsocialbuttonsoption function. This makes it possible for unauthenticated attackers to update...

WordPress plugin Floating Social Buttons security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A security vulnerability exists in the...

PT-2024-37599 · WordPress · Floating Social Buttons

Name of the Vulnerable Software and Affected Versions: Floating Social Buttons plugin for WordPress versions up to, and including, 1.5 Description: The issue is due to missing or incorrect nonce validation on the floating social buttons option function, making it possible for unauthenticated...

WordPress plugin Easy Social Share Buttons 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

WordPress Plugin Social Media Share Buttons & Social Sharing Icons 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in the WordPress Plugi...

CVE-2023-29428

Cross-Site Request Forgery CSRF vulnerability in SuPlugins Superb Social Media Share Buttons and Follow Buttons for WordPress plugin = 1.1.3 versions...

WordPress Plugin Superb Social Media Share Buttons and Follow Buttons for WordPress Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...