3 matches found
CVE-2024-3648
The ShareThis Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sharethis-inline-button' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
CVE-2024-3648 ShareThis Share Buttons <= 2.3.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via sharethis-inline-buttons Shortcode
The ShareThis Share Buttons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'sharethis-inline-button' shortcode in all versions up to, and including, 2.3.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...
WordPress ShareThis Share Buttons Plugin <= 2.3.0 is vulnerable to Cross Site Scripting (XSS)
Software ShareThis Share Buttons Type Plugin Vulnerable versions = 2.3.0 Fixed in 2.3.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3648 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b8b942c804f7 Credits Krzysztof Zając...