28 matches found
CVE-2014-4717
Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...
EUVD-2015-9143
Malware in sbrugna...
EUVD-2014-4636
Malware in sbrugna...
CVE-2015-9303
The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS...
CVE-2024-4094 Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS
The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...
WordPress Simple Share Buttons Adder Plugin < 8.5.1 is vulnerable to Cross Site Scripting (XSS)
Software Simple Share Buttons Adder Type Plugin Vulnerable versions 8.5.1 Fixed in 8.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4094 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 47ccb3022e74 Credits Dmitrii Ignatye...
Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS
Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed 1. Go to the plugin settings 2. In the "Additional CSS" field, enter the payload 3. Save...
Simple Share Buttons Adder < 8.4.12 - Authenticated(Administrator+) Stored Cross-Site Scripting via CSS Settings
Description The Simple Share Buttons Adder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.4.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Simple Share Buttons Adder Plugin <= 8.4.11 is vulnerable to Cross Site Scripting (XSS)
Software Simple Share Buttons Adder Type Plugin Vulnerable versions = 8.4.11 Fixed in 8.4.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0621 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 449c4b786154 Credits Akbar...
CVE-2022-47178
Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...
CVE-2022-47178
Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...
CVE-2022-47178
CVE-2022-47178 is a CSRF vulnerability in WordPress plugin Simple Share Buttons Adder, affected versions
CVE-2022-47178 WordPress Simple Share Buttons Adder Plugin <= 8.4.7 is vulnerable to Cross Site Request Forgery (CSRF)
Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...
PT-2023-15220 · WordPress · Simple Share Buttons Adder
Name of the Vulnerable Software and Affected Versions: Simple Share Buttons Adder plugin versions = 8.4.7 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
Simple Share Buttons Adder <= 8.4.8 - CSRF
The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...
WordPress Simple Share Buttons Adder Plugin <= 8.5.1 is vulnerable to Cross Site Request Forgery (CSRF)
Software Simple Share Buttons Adder Type Plugin Vulnerable versions = 8.5.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47178 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 05de6062dc09 Credits Muhammad...
WordPress simple-share-buttons-adder plugin cross-site scripting vulnerability
WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. simple-share-buttons-adder plugin is used in one of the share buttons to add a plugin. A cross-site scripting vulnerability...
CVE-2015-9303
The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS...
CVE-2015-9303
CVE-2015-9303 affects the WordPress plugin Simple Share Buttons Adder, specifically versions prior to 6.0.0. Multiple connected sources describe a cross-site scripting (XSS) vulnerability in this plugin, with evidence of a reflected XSS class in public disclosures. The root cause is insufficient ...