14 matches found
CVE-2025-53235 WordPress Easy Social plugin <= 1.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in osuthorpe Easy Social allows Reflected XSS.This issue affects Easy Social: from n/a through 1.3...
CVE-2025-53235
The CVE-2025-53235 entry concerns the WordPress Easy Social plugin (osuthorpe Easy Social) versions up to 1.3. The vulnerability is a Reflected Cross-Site Scripting (XSS) flaw caused by improper input neutralization during web page generation. Impact is reflected in the ability for an attacker to...
WordPress Easy Social Sharebar Plugin <= 1.0.0 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Sharebar Type Plugin Vulnerable versions = 1.0.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51833 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 39ebcdfedab1 Credits SOPROBRO Required privilege...
WordPress Easy Social Feed Plugin < 6.5.6 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Feed Type Plugin Vulnerable versions 6.5.6 Fixed in 6.5.6 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1219 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 44698f6b2049 Credits Dmitrii Ignatyev Required...
WordPress Easy Social Feed Plugin <= 6.5.6 is vulnerable to Cross Site Request Forgery (CSRF)
Software Easy Social Feed Type Plugin Vulnerable versions = 6.5.6 Fixed in 6.5.7 OWASP Top 10 A3: Injection Classification Cross Site Request Forgery CSRF CVE CVE-2024-30526 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID f199cb78a406 Credits Brandon Roldan Required...
WordPress Easy Social Share Buttons Plugin <= 9.4 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Share Buttons Type Plugin Vulnerable versions = 9.4 Fixed in 9.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-30196 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID f4ed0dcb5dd6 Credits Rafie Muhammad Patchstack...
WordPress Easy Social Feed Plugin <= 6.5.4 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Feed Type Plugin Vulnerable versions = 6.5.4 Fixed in 6.5.5 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1278 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 71784cc8d436 Credits Richard Telleng stueotu...
WordPress Easy Social Feed Plugin <= 6.5.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Easy Social Feed Type Plugin Vulnerable versions = 6.5.4 Fixed in 6.5.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1213 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 08e633917104 Credits Eldar Zeynalli...
WordPress Easy Social Feed Plugin <= 6.5.4 is vulnerable to Cross Site Request Forgery (CSRF)
Software Easy Social Feed Type Plugin Vulnerable versions = 6.5.4 Fixed in 6.5.5 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2024-1214 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID d7cd784da6bf Credits Eldar Zeynalli...
WordPress Easy Social Feed Plugin <= 6.5.1 is vulnerable to Broken Access Control
Software Easy Social Feed Type Plugin Vulnerable versions = 6.5.1 Fixed in 6.5.2 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-48740 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID 1c5273124850 Credits Abdi Pranata Required...
WordPress Easy Social Icons Plugin <= 3.2.4 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Icons Type Plugin Vulnerable versions = 3.2.4 Fixed in 3.2.5 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-48336 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID bfc487ed2abb Credits Ngô Thiên An ancorn from VNPT-VCI...
WordPress Easy Social Feed Plugin < 6.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Feed Type Plugin Vulnerable versions 6.5.1 Fixed in 6.5.1 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID d5526157708e Credits Rafie Muhammad Patchstack Require...
WordPress Easy Social Box / Page Plugin Plugin <= 4.1.2 is vulnerable to Cross Site Scripting (XSS)
Software Easy Social Box / Page Plugin Type Plugin Vulnerable versions = 4.1.2 Fixed in 4.1.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4754 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 16d4bede1269 Credits Istv...
WordPress Easy Social Icons plugin <= 3.1.3 - SQL Injection (SQLi) vulnerability
SQL Injection SQLi vulnerability discovered by qerogram in WordPress Easy Social Icons plugin versions = 3.1.3. Solution Update the WordPress Easy Social Icons plugin to the latest available version at least 3.1.4...