CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

13 matches found

RedhatCVE•added 2026/01/09 9:25 a.m.•1 views

CVE-2023-4889

The Shareaholic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shareaholic' shortcode in versions up to, and including, 9.7.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with...

6.4CVSS5AI score0.00102EPSS

Exploits0References1

EUVD•added 2025/10/07 12:30 a.m.•4 views

EUVD-2014-9136

Malware in sbrugna...

3.5CVSS6.2AI score0.00374EPSS

Exploits5References5

EUVD•added 2025/10/07 12:30 a.m.•2 views

EUVD-2013-3193

Malware in sbrugna...

6.8CVSS6.4AI score0.00187EPSS

Exploits0References5

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2023-54728

Malicious code in bioql PyPI...

6.4CVSS6.5AI score0.00102EPSS

Exploits0References2

Patchstack•added 2024/01/31 12:0 a.m.•13 views

WordPress Shareaholic Plugin <= 9.7.11 is vulnerable to Broken Access Control

Software Shareaholic Type Plugin Vulnerable versions = 9.7.11 Fixed in 9.7.12 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-24709 Patch priority Medium CVSS severity Medium 4.3 Developer Claim ownership PSID e941ba723f22 Credits Abdi Pranata Required...

6.5AI score

Exploits0References2Affected Software1

CNNVD•added 2023/11/15 12:0 a.m.•1 views

WordPress plugin Shareaholic security vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

6.4CVSS5.8AI score0.00102EPSS

Exploits0References3

Cvelist•added 2022/07/25 12:45 p.m.•13 views

CVE-2022-0594 Shareaholic < 9.7.6 - Information Disclosure

The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated in v 9.7.5 and author+ in v9.7.5 users, allowing them to call it and retrieve various information such as t...

5.4AI score0.43978EPSS

Exploits2References1

WPVulnDB•added 2022/07/04 12:0 a.m.•22 views

Shareaholic < 9.7.6 - Information Disclosure

The plugin does not have proper authorisation check in one of the AJAX action, available to unauthenticated in v 9.7.5 and author+ in v9.7.5 users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc. PoC...

5.3CVSS1AI score0.43978EPSS

Exploits2Affected Software1

CNVD•added 2015/04/16 12:0 a.m.•3 views

WordPress Shareaholic plugin cross-site scripting vulnerability

WordPress is a set of blogging platform developed by WordPress Software Foundation using PHP language, which supports setting up personal blog sites on PHP and MySQL servers.Shareaholic plugin is a famous plugin of WordPress for social discovery and sharing platform. A cross-site scripting...

3.5CVSS5.8AI score0.00374EPSS

Exploits5References1

NVD•added 2015/04/14 2:59 p.m.•10 views

CVE-2014-9311

Cross-site scripting XSS vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the locationid parameter in a shareaholicaddlocation action to wp-admin/admin-ajax.php...

3.5CVSS5.3AI score0.00374EPSS

Exploits5References3

Prion•added 2015/04/14 2:59 p.m.•16 views

Cross site scripting

3.5CVSS5.7AI score0.00374EPSS

Exploits5References3Affected Software1

CVE•added 2015/04/14 2:0 p.m.•46 views

CVE-2014-9311

CVE-2014-9311 affects the WordPress Shareaholic plugin prior to version 7.6.1.0. The vulnerability is a cross-site scripting (XSS) flaw in admin.php where authenticated users can inject arbitrary script/HTML via the location[id] parameter in the shareaholic_add_location action to wp-admin/admin-a...

3.5CVSS5.4AI score0.00374EPSS

Exploits5References3Affected Software1

NVD•added 2013/08/08 8:55 p.m.•15 views

CVE-2013-3256

Cross-site request forgery CSRF vulnerability in the Shareaholic SexyBookmarks plugin 6.1.4.0 for WordPress allows remote attackers to hijack the authentication of users for requests that "manipulate plugin settings."...

6.8CVSS7.1AI score0.00187EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by