3 matches found
WordPress Sassy Social Share Plugin <= 3.3.56 is vulnerable to Cross Site Scripting (XSS)
Software Sassy Social Share Type Plugin Vulnerable versions = 3.3.56 Fixed in 3.3.57 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1448 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 97a79e7fba62 Credits Richard Telleng...
CVE-2024-1448
The CVE-2024-1448 entry concerns the WordPress Social Sharing Plugin – Sassy Social Share. A stored XSS vulnerability exists in all versions up to 3.3.56 due to insufficient input sanitization and output escaping on shortcode attributes, allowing authenticated attackers with contributor-level or ...
CVE-2024-1448 Sassy Social Share <= 3.3.56 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcodes in all versions up to, and including, 3.3.56 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible...