Lucene search
K

5 matches found

OSV
OSV
added 2024/04/15 5:15 a.m.6 views

CVE-2024-2836

The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

4.8CVSS7.3AI score0.005EPSS
Exploits2References1
Cvelist
Cvelist
added 2024/04/15 5:0 a.m.30 views

CVE-2024-2836 Super Socializer < 7.13.64 - Editor+ Stored XSS

The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.8AI score0.005EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/15 5:0 a.m.21 views

CVE-2024-2836 Super Socializer < 7.13.64 - Editor+ Stored XSS

The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

5.9AI score0.005EPSS
Exploits2References1
CVE
CVE
added 2024/04/15 5:0 a.m.100 views

CVE-2024-2836

The CVE-2024-2836 entry refers to the WordPress plugin “Social Share, Social Login and Social Comments Plugin” (Super Socializer). Version range affected: before 7.13.64. Root cause: the plugin does not sufficiently sanitize/escape certain settings, enabling Cross-Site Scripting (XSS) for high-pr...

4.8CVSS8.3AI score0.005EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/04/15 12:0 a.m.13 views

WordPress Super Socializer Plugin < 7.13.64 is vulnerable to Cross Site Scripting (XSS)

Software Super Socializer Type Plugin Vulnerable versions 7.13.64 Fixed in 7.13.64 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2836 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6519a59e1a87 Credits Dmitrii Ignatyev...

4.8CVSS5.7AI score0.005EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder