3 matches found
CVE-2025-3866
The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...
CVE-2025-3866
creationtimestamp| type| source ---|---|--- 2025-04-25 07:07:16+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/13389 2025-04-25 07:07:23+00:00| seen| https://bsky.app/profile/2rZiKKbOU3nTafniR2qMMSE0gwZ.activitypub.awakari.com.ap.brid.gy/post/3lnmnxtnxjir2 2025-04-25...
WordPress Add Google +1 (Plus one) social share Button plugin <= 1.0.0 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability
Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Add Google +1 Plus one social share Button versions = 1.0.0...