2 matches found
CVE-2014-4717
Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...
CVE-2014-4717
CVE-2014-4717 affects the WordPress plugin “Simple Share Buttons Adder” (versions prior to 4.5). The issue comprises multiple CSRF vulnerabilities that allow remote attackers to hijack administrator sessions and trigger stored XSS via the ssba_share_text parameter in a save action to wp-admin/opt...