5 matches found
CVE-2022-4835
The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4835 Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode
The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4835 Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode
The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4835
The CVE refers to the WordPress plugin Social Sharing Toolkit (
WordPress Social Sharing Toolkit Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)
Software Social Sharing Toolkit Type Plugin Vulnerable versions = 2.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4835 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f4242833e61a Credits István Márton...