125 matches found
WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting
WordPress plugin Sassy Social Share 3.3.40 contains a reflected cross-site scripting vulnerability. id: CVE-2021-24746 info: name: WordPress Sassy Social Share Plugin 3.3.40 - Cross-Site Scripting author: Supras severity: medium description: WordPress plugin Sassy Social Share 3.3.40 contains a...
Sassy Social Share <= 3.3.3 - Cross-Site Scripting
The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateorssssharingcount' AJAX action in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for...
CVE-2026-11798
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateormastodonshare' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This...
EUVD-2026-42168
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateormastodonshare' parameter in all versions up to, and including, 7.14.5 due to insufficient input sanitization and output escaping. This...
CVE-2026-11798
The CVE concerns the WordPress plugin Social Share, Social Login and Social Comments Plugin – Super Socializer . It is vulnerable to Reflected Cross-Site Scripting via the parameter heateor_mastodon_share in all versions up to and including 7.14.5 , caused by insufficient input sanitization and o...
CVE-2026-57751
Unauthenticated Cross Site Request Forgery CSRF in Heateor Social Login = 1.1.39 versions...
CVE-2026-57751
The CVE-2026-57751 entry concerns the WordPress plugin Heateor Social Login (versions
CVE-2026-57751 WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability
Unauthenticated Cross Site Request Forgery CSRF in Heateor Social Login = 1.1.39 versions...
PT-2026-55039
Name of the Vulnerable Software and Affected Versions Heateor Social Login versions prior to 1.1.40 Description An unauthenticated Cross Site Request Forgery CSRF issue exists in the Heateor Social Login plugin. CSRF is a flaw that allows an attacker to trick a victim into performing actions they...
WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by ParkHyunWoo in WordPress Plugin Heateor Social Login versions = 1.1.39...
CVE-2025-68998
Cross-Site Request Forgery CSRF vulnerability in Heateor Support Heateor Social Login heateor-social-login allows Cross Site Request Forgery.This issue affects Heateor Social Login: from n/a through = 1.1.39...
EUVD-2025-205738
Cross-Site Request Forgery CSRF vulnerability in Heateor Support Heateor Social Login heateor-social-login allows Cross Site Request Forgery.This issue affects Heateor Social Login: from n/a through = 1.1.39...
CVE-2025-68998
Cross-Site Request Forgery CSRF vulnerability in Heateor Support Heateor Social Login heateor-social-login allows Cross Site Request Forgery.This issue affects Heateor Social Login: from n/a through = 1.1.39...
CVE-2025-68998
CVE-2025-68998 technical details are not publicly provided in the supplied documents. Monitor for updates from vendors and researchers to assess impact and remediation.
CVE-2025-68998 WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Heateor Support Heateor Social Login heateor-social-login allows Cross Site Request Forgery.This issue affects Heateor Social Login: from n/a through = 1.1.39...
CVE-2025-68998 WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in Heateor Support Heateor Social Login heateor-social-login allows Cross Site Request Forgery.This issue affects Heateor Social Login: from n/a through = 1.1.39...
WordPress plugin Heateor Social Login 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
PT-2025-53887
Name of the Vulnerable Software and Affected Versions Heateor Social Login versions through 1.1.39 Description The software contains a Cross-Site Request Forgery CSRF flaw. This allows attackers to potentially perform actions on behalf of authenticated users without their knowledge. Recommendatio...
WordPress Heateor Social Login plugin <= 1.1.39 - Cross Site Request Forgery (CSRF) vulnerability
Cross Site Request Forgery CSRF vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Heateor Social Login versions = 1.1.39...
EUVD-2024-22111
Malicious code in bioql PyPI...