Lucene search
K

14 matches found

Cvelist
Cvelist
added 2026/03/13 9:25 a.m.30 views

CVE-2026-4063 Social Icons Widget & Block <= 4.5.8 - Missing Authorization to Authenticated (Subscriber+) Sharing Configuration Creation

The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the addmenuitem method hooked to adminmenu in all versions up to, and including, 4.5.8. This is due to the method performing wpinsertpost and...

4.3CVSS0.00207EPSS
Exploits0References5
CVE
CVE
added 2026/03/13 9:25 a.m.12 views

CVE-2026-4063

CVE-2026-4063 affects the WordPress plugin Social Icons Widget & Block by WPZOOM. The Red Hat and CVE records, corroborated by the Wordfence vulnerability report, describe a missing capability check in the add_menu_item() function hooked to admin_menu in all versions up to 4.5.8. This allows auth...

4.3CVSS5.7AI score0.00207EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/03/13 3:44 a.m.5 views

WordPress Social Icons Widget & Block plugin <= 4.5.8 - Missing Authorization to Authenticated (Subscriber+) Sharing Configuration Creation vulnerability

Missing Authorization to Authenticated Subscriber+ Sharing Configuration Creation vulnerability discovered by darkmode in WordPress Plugin Social Icons Widget & Block by WPZOOM versions = 4.5.8...

4.3CVSS5.8AI score0.00207EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/13 12:0 a.m.12 views

PT-2026-25166

The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the add menu item method hooked to admin menu in all versions up to, and including, 4.5.8. This is due to the method performing wp insert post and...

4.3CVSS5.7AI score0.00207EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/03/13 12:0 a.m.5 views

WordPress plugin Social Icons Widget & Block by WPZOOM 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

4.3CVSS5.8AI score0.00207EPSS
Exploits0References5
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-28385

Malicious code in bioql PyPI...

8.8CVSS8.6AI score0.01517EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:15 a.m.6 views

CVE-2024-30464

Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through 4.2.15...

8.8CVSS7AI score0.01517EPSS
Exploits0References1
OSV
OSV
added 2024/06/09 11:15 a.m.4 views

CVE-2024-30464

Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through 4.2.15...

8.8CVSS5.8AI score0.01517EPSS
Exploits0References1
NVD
NVD
added 2024/06/09 11:15 a.m.34 views

CVE-2024-30464

Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through 4.2.15...

8.8CVSS0.01517EPSS
Exploits0References1
CVE
CVE
added 2024/06/09 10:41 a.m.74 views

CVE-2024-30464

CVE-2024-30464 is a Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM (affecting Social Icons Widget & Block by WPZOOM up to version 4.2.15). Public data from NVD lists CVSS v3.1 base score 8.8 (High), with NETWORK attack vector, low attack complexity, and privil...

8.8CVSS5.9AI score0.01517EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/06/09 12:0 a.m.6 views

WordPress plugin Social Icons Widget & Block by WPZOOM Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS6.8AI score0.01517EPSS
Exploits0References2
Patchstack
Patchstack
added 2024/05/21 8:5 a.m.4 views

WordPress Social Icons Widget & Block plugin < 4.2.18 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Social Icons Widget & Block by WPZOOM versions 4.2.18...

6.1CVSS6.1AI score0.00391EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/05/21 12:0 a.m.9 views

WordPress Social Icons Widget & Block by WPZOOM Plugin < 4.2.18 is vulnerable to Cross Site Scripting (XSS)

Software Social Icons Widget & Block by WPZOOM Type Plugin Vulnerable versions 4.2.18 Fixed in 4.2.18 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2189 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 2b9b48a26843 Credits...

6.1CVSS5.7AI score0.00391EPSS
Exploits2References4Affected Software1
Positive Technologies
Positive Technologies
added 2024/04/04 12:0 a.m.9 views

PT-2024-19113 · Wpzoom · The Social Icons Widget & Block

Name of the Vulnerable Software and Affected Versions: The Social Icons Widget & Block by WPZOOM versions prior to 4.2.18 Description: The issue concerns the lack of sanitization and escaping of some widget settings in the plugin, which could allow high-privilege users, such as admins, to perform...

6.1CVSS6AI score0.00391EPSS
Exploits2References8
Rows per page
Query Builder