Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 12:49 p.m.25 views

CVE-2014-4717

Multiple cross-site request forgery CSRF vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting XSS attacks via the 1 ssbasharetext parameter in a save...

6.8CVSS6.8AI score0.02805EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2015-9143

Malware in sbrugna...

6.1CVSS6.3AI score0.00958EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2014-4636

Malware in sbrugna...

6.8CVSS6.3AI score0.02805EPSS
Exploits1References5
RedhatCVE
RedhatCVE
added 2025/05/22 12:47 a.m.5 views

CVE-2015-9303

The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS...

6.1CVSS7.1AI score0.00958EPSS
Exploits1References1
Cvelist
Cvelist
added 2024/06/18 6:0 a.m.35 views

CVE-2024-4094 Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS

The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

0.00399EPSS
Exploits2References1
Patchstack
Patchstack
added 2024/05/28 12:0 a.m.12 views

WordPress Simple Share Buttons Adder Plugin < 8.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Simple Share Buttons Adder Type Plugin Vulnerable versions 8.5.1 Fixed in 8.5.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4094 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 47ccb3022e74 Credits Dmitrii Ignatye...

5.4CVSS5.7AI score0.00399EPSS
Exploits2References3Affected Software1
wpexploit
wpexploit
added 2024/05/28 12:0 a.m.159 views

Simple Share Buttons Adder < 8.5.1 - Admin+ Stored XSS

Description The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed 1. Go to the plugin settings 2. In the "Additional CSS" field, enter the payload 3. Save...

5.9AI score0.00399EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2024/02/14 12:0 a.m.18 views

Simple Share Buttons Adder < 8.4.12 - Authenticated(Administrator+) Stored Cross-Site Scripting via CSS Settings

Description The Simple Share Buttons Adder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in all versions up to, and including, 8.4.11 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

3.2CVSS5.6AI score0.00491EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/02/14 12:0 a.m.11 views

WordPress Simple Share Buttons Adder Plugin <= 8.4.11 is vulnerable to Cross Site Scripting (XSS)

Software Simple Share Buttons Adder Type Plugin Vulnerable versions = 8.4.11 Fixed in 8.4.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-0621 Patch priority Low CVSS severity Low 4.4 Developer Claim ownership PSID 449c4b786154 Credits Akbar...

4.8CVSS5.7AI score0.00491EPSS
Exploits0References3Affected Software1
OSV
OSV
added 2023/05/25 12:15 p.m.2 views

CVE-2022-47178

Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...

8.8CVSS5.8AI score0.00271EPSS
Exploits0References1
NVD
NVD
added 2023/05/25 12:15 p.m.21 views

CVE-2022-47178

Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...

8.8CVSS5.8AI score0.00271EPSS
Exploits0References1
Prion
Prion
added 2023/05/25 12:15 p.m.20 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...

6.8CVSS8.7AI score0.00271EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/25 11:49 a.m.62 views

CVE-2022-47178

CVE-2022-47178 is a CSRF vulnerability in WordPress plugin Simple Share Buttons Adder, affected versions

8.8CVSS6.5AI score0.00271EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/05/25 11:49 a.m.8 views

CVE-2022-47178 WordPress Simple Share Buttons Adder Plugin <= 8.4.7 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Simple Share Buttons Simple Share Buttons Adder plugin = 8.4.7 versions...

4.3CVSS8.8AI score0.00271EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2023/05/25 12:0 a.m.6 views

PT-2023-15220 · WordPress · Simple Share Buttons Adder

Name of the Vulnerable Software and Affected Versions: Simple Share Buttons Adder plugin versions = 8.4.7 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...

8.8CVSS8.8AI score0.00271EPSS
Exploits0References3
WPVulnDB
WPVulnDB
added 2023/04/19 12:0 a.m.13 views

Simple Share Buttons Adder <= 8.4.8 - CSRF

The plugin does not have CSRF checks in some places, which could allow attackers to make logged in users perform unwanted actions via CSRF attacks...

8.8CVSS8.3AI score0.00271EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/04/19 12:0 a.m.13 views

WordPress Simple Share Buttons Adder Plugin <= 8.5.1 is vulnerable to Cross Site Request Forgery (CSRF)

Software Simple Share Buttons Adder Type Plugin Vulnerable versions = 8.5.1 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47178 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 05de6062dc09 Credits Muhammad...

8.8CVSS7AI score0.00271EPSS
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/08/14 12:0 a.m.2 views

WordPress simple-share-buttons-adder plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. simple-share-buttons-adder plugin is used in one of the share buttons to add a plugin. A cross-site scripting vulnerability...

6.1CVSS6.2AI score0.00958EPSS
Exploits1References1
NVD
NVD
added 2019/08/12 4:15 p.m.11 views

CVE-2015-9303

The simple-share-buttons-adder plugin before 6.0.0 for WordPress has XSS...

6.1CVSS6.4AI score0.00958EPSS
Exploits1References1
CVE
CVE
added 2019/08/12 3:40 p.m.51 views

CVE-2015-9303

CVE-2015-9303 affects the WordPress plugin Simple Share Buttons Adder, specifically versions prior to 6.0.0. Multiple connected sources describe a cross-site scripting (XSS) vulnerability in this plugin, with evidence of a reflected XSS class in public disclosures. The root cause is insufficient ...

6.1CVSS6.4AI score0.00958EPSS
Exploits1References1Affected Software1
Rows per page
Query Builder