7 matches found
EUVD-2023-45125
Malicious code in bioql PyPI...
EUVD-2023-51359
Malicious code in bioql PyPI...
CVE-2024-10362
The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.9.1 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for...
CVE-2024-13615 Social Media Plugin by Social Snap <= 1.3.6 - Admin+ Stored XSS
The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap WordPress plugin through 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the...
CVE-2024-13615 Social Media Plugin by Social Snap <= 1.3.6 - Admin+ Stored XSS
The Social Share Buttons, Social Sharing Icons, Click to Tweet — Social Media Plugin by Social Snap WordPress plugin through 1.3.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the...
CVE-2024-1214
CVE-2024-1214 (Easy Social Feed – Social Photos Gallery – Post Feed – Like Box, WordPress) is a CSRF vulnerability in the plugin across all versions up to 6.5.4 due to missing or incorrect nonce validation on the save_groups_list function. This allows unauthenticated attackers to disconnect a sit...
Cross site scripting
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Web-Settler Social Feed | All social media in one place plugin = 1.5.4.6 versions...