2 matches found
Social Buttons Pack by BestWebSof < 1.1.1 - Cross-Site Scripting
The social-buttons-pack plugin before 1.1.1 for WordPress has multiple XSS issues. id: CVE-2017-18500 info: name: Social Buttons Pack by BestWebSof 1.1.1 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The social-buttons-pack plugin before 1.1.1 for WordPress has...
CVE-2017-18500
The CVE-2017-18500 affects the WordPress plugin social-buttons-pack prior to version 1.1.1. The issue is cross-site scripting (XSS) due to improper handling/validation of input data, enabling an authenticated attacker to inject JavaScript in victims’ browsers (possible session/credential impact) ...