5 matches found
CVE-2024-2836
The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-2836 Super Socializer < 7.13.64 - Editor+ Stored XSS
The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-2836 Super Socializer < 7.13.64 - Editor+ Stored XSS
The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.64 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
CVE-2024-2836
The CVE-2024-2836 entry refers to the WordPress plugin “Social Share, Social Login and Social Comments Plugin” (Super Socializer). Version range affected: before 7.13.64. Root cause: the plugin does not sufficiently sanitize/escape certain settings, enabling Cross-Site Scripting (XSS) for high-pr...
WordPress Super Socializer Plugin < 7.13.64 is vulnerable to Cross Site Scripting (XSS)
Software Super Socializer Type Plugin Vulnerable versions 7.13.64 Fixed in 7.13.64 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2836 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 6519a59e1a87 Credits Dmitrii Ignatyev...