20 matches found
CVE-2013-6280
Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
EUVD-2013-6108
Malware in sbrugna...
CVE-2013-2701
Cross-site request forgery CSRF vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors...
CVE-2022-4835
The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4835
The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
Cross site scripting
The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
CVE-2022-4835 Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode
The Social Sharing Toolkit WordPress plugin through 2.6 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...
WordPress plugin Social Sharing Toolkit 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...
Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. PoC Note: Fir...
WordPress Social Sharing Toolkit Plugin <= 2.6 is vulnerable to Cross Site Scripting (XSS)
Software Social Sharing Toolkit Type Plugin Vulnerable versions = 2.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4835 Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID f4242833e61a Credits István Márton...
Social Sharing Toolkit <= 2.6 - Contributor+ Stored XSS via Shortcode
The plugin does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins. Note: First y...
Social Sharing Toolkit 2.1.1 - Unspecified XSS
The Social Sharing Toolkit WordPress plugin was affected by an Unspecified XSS security vulnerability...
CVE-2013-2701
Cross-site request forgery CSRF vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors...
Cross site request forgery (csrf)
Cross-site request forgery CSRF vulnerability in the Social Sharing Toolkit plugin 2.1.1 for WordPress allows remote attackers to hijack the authentication of administrators for requests that manipulate plugin settings via unknown vectors...
CVE-2013-2701
The CVE concerns the WordPress plugin Social Sharing Toolkit version 2.1.1, where a Cross-Site Request Forgery (CSRF) vulnerability allows remote attackers to hijack administrator sessions and perform plugin-setting changes. The root cause is CSRF in the plugin’s handling of requests that mutate ...
CVE-2013-6280
Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
Cross site scripting
Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-6280
Cross-site scripting XSS vulnerability in Social Sharing Toolkit plugin before 2.1.2 for WordPress allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...
CVE-2013-6280
CVE-2013-6280 describes an XSS vulnerability in the WordPress plugin Social Sharing Toolkit prior to version 2.1.2. The flaw allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, with impact described as enabling partial integrity compromise and no confidentialit...
WordPress Social Sharing Toolkit Plugin <= 2.1.1 - XSS
Because of this vulnerability, the attackers can inject arbitrary web script or HTML via unspecified vectors. Solution Update the plugin...