5 matches found
WordPress Social Media Share Buttons plugin < 2.9.0 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Krugov Artyom in WordPress Plugin Social Media & Share Icons versions 2.9.0...
CVE-2024-10362
The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.9.1 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-10362 Social Media Share Buttons < 2.9.0 - Admin+ Stored XSS
The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.9.1 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-10362
CVE-2024-10362 affects the WordPress plugin Social Media Share Buttons & Social Sharing Icons (versions before 2.9.1). The issue is improper sanitization/escaping of certain plugin settings, potentially allowing stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disall...
CVE-2024-10362 Social Media Share Buttons < 2.9.0 - Admin+ Stored XSS
The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.9.1 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...