3 matches found
CVE-2021-24143
Unvalidated input in the AccessPress Social Icons plugin, versions before 1.8.1, did not sanitise its widget attribute, allowing accounts with post permission, such as author, to perform SQL injections...
CVE-2014-9437
Multiple cross-site request forgery CSRF vulnerabilities in the Sliding Social Icons plugin 1.61 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or 2 conduct cross-site scripting XSS attacks via...
Sliding Social Icons <= 1.61 - CSRF & Stored XSS
The sliding-social-icons WordPress plugin was affected by a CSRF & Stored XSS security vulnerability...