5 matches found
WordPress Ocean Social Sharing plugin <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by muhammad yudha in WordPress Plugin Ocean Social Sharing versions = 2.2.1...
CVE-2025-7500
The Ocean Social Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via social icon titles in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2025-7500
creationtimestamp| type| source ---|---|--- 2025-08-02 11:47:37+00:00| seen| Telegram/Lcp0pyF3QwX1nSZ0Oop-G4D31THkMDPLj1ozykj7XDhOizc...
CVE-2025-7500 Ocean Social Sharing <= 2.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Ocean Social Sharing plugin for WordPress is vulnerable to Stored Cross-Site Scripting via social icon titles in all versions up to, and including, 2.2.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level acce...
CVE-2025-7500
The CVE-2025-7500 entry concerns Ocean Social Sharing for WordPress. The vulnerability is a Stored Cross-Site Scripting flaw in social icon titles caused by insufficient input sanitization and output escaping, affecting all versions up to 2.2.1. Exploitation requires authenticated access at Contr...