CVE-2025-3866

The Add Google +1 Plus one social share Button plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.0. This is due to missing or incorrect nonce validation on the google-plus-one-share-button page. This makes it possible for unauthenticated...

CVE-2025-3866

CVE-2025-3866 affects the WordPress plugin Add Google +1 (Plus One) social share Button, version

CVE-2025-46483

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button google-1 allows DOM-Based XSS.This issue affects Peadig’s Google +1 Button: from n/a through = 0.1.2...

CVE-2025-46483 WordPress Peadig’s Google +1 Button <= 0.1.2 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Alex Moss Peadig’s Google +1 Button allows DOM-Based XSS. This issue affects Peadig’s Google +1 Button: from n/a through 0.1.2...

PT-2025-17796 · Unknown · Peadig'S Google +1 Button

Name of the Vulnerable Software and Affected Versions: Peadig’s Google +1 Button versions 0.1.2 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based XSS. This can be exploited through the Peadig’s Google +1 Button...