10 matches found
EUVD-2024-51448
Malicious code in bioql PyPI...
CVE-2024-13230
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Limited SQL Injection via the ‘SuperSocializerKey’ parameter in all versions up to, and including, 7.14 due to insufficient escaping on the user supplied parameter and lack of...
CVE-2024-13230
CVE-2024-13230 affects the WordPress plugin “Social Share, Social Login and Social Comments Plugin – Super Socializer” up to version 7.14. The issue is a limited SQL injection via the SuperSocializerKey parameter caused by insufficient escaping of user input and inadequate preparation of the SQL ...
CVE-2024-9946 Social Share, Social Login and Social Comments Plugin – Super Socializer <= 7.13.68 - Authentication Bypass via Disqus OAuth provider
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 7.13.68. This is due to insufficient verification on the user being returned by the social login token. This makes it...
CVE-2024-9946
CVE-2024-9946 affects the WordPress plugin “Social Share, Social Login and Social Comments Plugin – Super Socializer.” Connected sources confirm an authentication bypass in all versions up to 7.13.68 caused by insufficient verification on the user returned by the social login token. This enables ...
A vulnerability in the Super Socializer plugin for the WordPress content management system allows attackers to perform cross-site scripting attacks.
The vulnerability in the Super Socializer plugin for the WordPress content management system exists because measures to protect the structure of the web page are missing. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting attacks remotely...
WordPress Super Socializer Plugin <= 7.13.54 is vulnerable to Broken Access Control
Software: Super Socializer; Type: Plugin; Vulnerable versions: <= 7.13.54; Fixed in: 7.13.55; OWASP Top 10: A5: Broken Access Control; Classification: Broken Access Control; CVE: CVE-2023-41802; Patch priority: Low; CVSS severity: Low (4.3); PSID: cb4e69065e0f; Credits: Rafshanzani Suhada...
CVE-2023-35882 WordPress Super Socializer Plugin <= 7.13.52 is vulnerable to Cross Site Scripting (XSS)
Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Team Heateor Super Socializer plugin <= 7.13.52 versions...
CVE-2023-35882
CVE-2023-35882 is a stored XSS vulnerability in WordPress plugin Team Heateor Super Socializer (≤7.13.52). The issue affects users with contributor or higher privileges, allowing injection of scripts via stored payloads. Patch guidance from multiple sources indicates the fix is in version 7.13.53...