
57 matches found

Patchstack
added 2023/02/15 12:0 a.m. · 9 views

WordPress Inline Tweet Sharer – Twitter Sharing Plugin Plugin <= 2.5.3 is vulnerable to Cross Site Scripting (XSS)

Software: Inline Tweet Sharer – Twitter Sharing Plugin · Type: Plugin · Vulnerable versions: <= 2.5.3 · Fixed in: 2.6 · OWASP Top 10: A7: Cross-Site Scripting (XSS) · Classification: Cross Site Scripting (XSS) · CVE: CVE-2023-24005 · Patch priority: Low · CVSS severity: Low (5.9) · PSID: dfc715a3d8ea...

CVSS 5.9 · AI score 5.7 · EPSS 0.00369
Exploits: 0 · References: 2 · Affected Software: 1

Positive Technologies
added 2023/01/16 12:0 a.m. · 3 views

PT-2023-14494 · WordPress · Social Sharing

Name of the Vulnerable Software and Affected Versions: Social Sharing WordPress plugin versions prior to 3.3.45 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high privilege users such as admins, du...

CVSS 5.4 · AI score 6.1 · EPSS 0.00471
Exploits: 2 · References: 4

OSV
added 2022/08/08 2:15 p.m. · 2 views

CVE-2022-2356

The Frontend File Manager & Sharing WordPress plugin before 1.1.3 does not filter file extensions when letting users upload files on the server, which may lead to malicious code being uploaded...

CVSS 8.8 · AI score 5.8 · EPSS 0.0116
Exploits: 2 · References: 1

OSV
added 2022/03/28 6:15 p.m. · 0 views

CVE-2021-24746

The Social Sharing Plugin WordPress plugin before 3.3.40 does not escape the viewed post URL before outputting it back in onclick attributes when the "Enable 'More' icon" option is enabled which is the default setting, leading to a Reflected Cross-Site Scripting issue...

CVSS 6.1 · AI score 5.8
Exploits: 0 · References: 1

CVE
added 2022/03/28 5:20 p.m. · 97 views

CVE-2021-24746

CVE-2021-24746 concerns the WordPress plugin “Sassy Social Share” (previously named Social Sharing Plugin) for versions before 3.3.40. The NVD and related feeds document a reflected cross-site scripting (XSS) vulnerability that occurs because the viewed post URL is not escaped before being output...

CVSS 6.1 · AI score 6 · EPSS 0.02244
Exploits: 2 · References: 1 · Affected Software: 1

CNNVD
added 2022/03/28 12:0 a.m. · 9 views

WordPress plugin Social Sharing Plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up a personal blog site on PHP and MySQL servers. A WordPress plugin is an open source application plugin for WordPress. A cross-site scripting vulnerability exists in the...

CVSS 6.1 · AI score 5.7 · EPSS 0.02244
Exploits: 2 · References: 2

Patchstack
added 2022/02/28 12:0 a.m. · 16 views

WordPress Better Sharing plugin <= 1.7.1 - Sensitive Information Disclosure vulnerability

Sensitive Information Disclosure vulnerability discovered in WordPress Better Sharing plugin versions <= 1.7.1. Solution: Update the WordPress Better Sharing plugin to the latest available version (at least 1.7.2)...

AI score 1.9
Exploits: 0 · References: 2 · Affected Software: 1

CVE
added 2021/10/18 1:46 p.m. · 51 views

CVE-2021-24736

The CVE-2021-24736 entry concerns the WordPress Shared Files plugin (admin+ stored XSS) prior to version 1.6.57. Connected sources confirm a stored Cross-Site Scripting vulnerability caused by insufficient sanitisation/escaping of certain plugin settings output in HTML attributes, enabling JavaSc...

CVSS 4.8 · AI score 4.8 · EPSS 0.00622
Exploits: 2 · References: 1 · Affected Software: 1

CNNVD
added 2021/10/18 12:0 a.m. · 2 views

WordPress plugin cross-site scripting vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports setting up personal blog sites on PHP and MySQL servers. The WordPress Easy Download Manager and File Sharing plugin has a cross-site scripting vulnerability in versions prior ...

CVSS 4.8 · AI score 5.6 · EPSS 0.00622
Exploits: 2 · References: 2

OSV
added 2020/07/27 7:15 a.m. · 1 views

CVE-2020-5611

Cross-site request forgery (CSRF) vulnerability in Social Sharing Plugin versions prior to 1.2.10 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVSS 8.8 · AI score 5.8
Exploits: 0 · References: 2

NVD
added 2020/07/27 7:15 a.m. · 6 views

CVE-2020-5611

Cross-site request forgery (CSRF) vulnerability in Social Sharing Plugin versions prior to 1.2.10 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVSS 8.8 · AI score 8.9 · EPSS 0.01163
Exploits: 0 · References: 2

Prion
added 2020/07/27 7:15 a.m. · 10 views

Cross site request forgery (csrf)

Cross-site request forgery (CSRF) vulnerability in Social Sharing Plugin versions prior to 1.2.10 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

CVSS 6.8 · AI score 8.8 · EPSS 0.01163
Exploits: 0 · References: 2 · Affected Software: 1

CVE
added 2020/07/27 6:55 a.m. · 37 views

CVE-2020-5611

The CVE-2020-5611 report corresponds to a CSRF vulnerability in the WordPress Social Sharing Plugin (Social Rocket), affecting versions prior to 1.2.10. The exposed component is the Social Sharing Plugin for WordPress; root cause is CSRF allowing an attacker to hijack the administrator’s authenti...

CVSS 8.8 · AI score 8.8 · EPSS 0.01163
Exploits: 0 · References: 2 · Affected Software: 1

Cvelist
added 2020/07/27 6:55 a.m. · 10 views

CVE-2020-5611

Cross-site request forgery (CSRF) vulnerability in Social Sharing Plugin versions prior to 1.2.10 allows remote attackers to hijack the authentication of administrators via unspecified vectors...

AI score 8.9 · EPSS 0.01163
Exploits: 0 · References: 2

Japan Vulnerability Notes
added 2020/07/22 5:24 a.m. · 2 views

WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery

Overview: WordPress Plugin "Social Sharing Plugin" provided by Social Rocket contains a cross-site request forgery vulnerability (CWE-352). Akio Furui of Cryptography Laboratory, Department of Information and Communication Engineering, Tokyo Denki University reported this vulnerability to the...

CVSS 8.8 · AI score 6.6 · EPSS 0.01163
Exploits: 0 · References: 6

WPVulnDB
added 2020/07/22 12:0 a.m. · 10 views

Social Sharing Plugin < 1.2.10 - Cross-Site Request Forgery in Settings

The plugin is lacking CSRF check on its Settings form, which could allow attackers to make a logged in administrator change them...

AI score 4.6
Exploits: 0 · References: 2 · Affected Software: 1

Japan Vulnerability Notes
added 2020/07/22 12:0 a.m. · 44 views

JVN#05502028: WordPress Plugin "Social Sharing Plugin" vulnerable to cross-site request forgery

WordPress Plugin "Social Sharing Plugin" provided by Social Rocket contains a cross-site request forgery vulnerability (CWE-352). Impact: If a user with an administrative privilege views a malicious page while logged in, unintended operations may be performed. Solution: Update the plugin. Update the...

CVSS 8.8 · AI score 8.6 · EPSS 0.01163
Exploits: 0