Lucene search
K

20 matches found

RedhatCVE
RedhatCVE
added 2026/01/07 9:51 a.m.8 views

CVE-2013-6280

Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6AI score0.01602EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.4 views

EUVD-2013-6108

Malware in sbrugna...

4.3CVSS6.4AI score0.01602EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/05/22 12:39 a.m.4 views

CVE-2013-2701

Cross-site request forgery CSRF vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors...

6.8CVSS7.5AI score0.0097EPSS
Exploits0References1
NVD
NVD
added 2023/01/30 9:15 p.m.20 views

CVE-2022-4835

The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1
OSV
OSV
added 2023/01/30 9:15 p.m.4 views

CVE-2022-4835

The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.4CVSS5.8AI score0.00471EPSS
Exploits2References1
Prion
Prion
added 2023/01/30 9:15 p.m.10 views

Cross site scripting

The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

4.9CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/30 8:31 p.m.5 views

CVE-2022-4835 Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode

The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

5.3AI score0.00471EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/01/30 12:0 a.m.3 views

WordPress plugin Social Sharing Toolkit 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

5.4CVSS5.4AI score0.00471EPSS
Exploits2References2
WPVulnDB
WPVulnDB
added 2023/01/03 12:0 a.m.16 views

Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note: Fir...

5.4CVSS2.4AI score0.00471EPSS
Exploits2Affected Software1
Patchstack
Patchstack
added 2023/01/03 12:0 a.m.12 views

WordPress Social Sharing Toolkit Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)

Software Social Sharing Toolkit Type Plugin Vulnerable versions = 2.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4835 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f4242833e61a Credits István Márton...

5.4CVSS5.6AI score0.00471EPSS
Exploits2References2Affected Software1
wpexploit
wpexploit
added 2023/01/03 12:0 a.m.385 views

Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode

The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: First y...

5.4CVSS0.5AI score0.00471EPSS
Exploits2
WPVulnDB
WPVulnDB
added 2014/08/01 10:59 a.m.31 views

Social Sharing Toolkit 2.1.1 - Unspecified XSS

The Social Sharing Toolkit WordPress plugin was affected by an Unspecified XSS security vulnerability...

4.3CVSS2.4AI score0.01602EPSS
Exploits0Affected Software1
NVD
NVD
added 2013/11/01 3:55 p.m.19 views

CVE-2013-2701

Cross-site request forgery CSRF vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors...

6.8CVSS7.1AI score0.0097EPSS
Exploits0References2
Prion
Prion
added 2013/11/01 3:55 p.m.12 views

Cross site request forgery (csrf)

Cross-site request forgery CSRF vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors...

6.8CVSS7.6AI score0.0097EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2013/11/01 2:0 p.m.34 views

CVE-2013-2701

The CVE concerns the WordPress plugin Social Sharing Toolkit version 2.1.1, where a Cross-Site Request Forgery (CSRF) vulnerability allows remote attackers to hijack administrator sessions and perform plugin-setting changes. The root cause is CSRF in the plugin’s handling of requests that mutate ...

6.8CVSS7.4AI score0.0097EPSS
Exploits0References2Affected Software1
NVD
NVD
added 2013/10/25 2:55 p.m.20 views

CVE-2013-6280

Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS5.8AI score0.01602EPSS
Exploits0References1
Prion
Prion
added 2013/10/25 2:55 p.m.14 views

Cross site scripting

Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

4.3CVSS6.2AI score0.01602EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2013/10/25 2:0 p.m.32 views

CVE-2013-6280

Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

5.8AI score0.01602EPSS
Exploits0References1
CVE
CVE
added 2013/10/25 2:0 p.m.37 views

CVE-2013-6280

CVE-2013-6280 describes an XSS vulnerability in the WordPress plugin Social Sharing Toolkit prior to version 2.1.2. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, with impact described as enabling partial integrity compromise and no confidentialit...

4.3CVSS6AI score0.01602EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2013/10/25 12:0 a.m.21 views

WordPress Social Sharing Toolkit Plugin <= 2.1.1 - XSS

Because of this vulnerability, the attackers can inject arbitrary web script or HTML via unspecified vectors. Solution Update the plugin...

4.3CVSS2.9AI score0.01602EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder