Easy Social Icons Security Vulnerabilities and Issues — Easy Social Icons CVE List

Lucene search

CybernetikzEasy Social Icons

6 matches found

CVE•added 2024/12/13 3:15 p.m.•78 views

CVE-2023-33998

Missing Authorization vulnerability in cybernetikz Easy Social Icons allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Easy Social Icons: from n/a through 3.2.5.

4.3CVSS4.7AI score0.00122EPSS

CVE•added 2022/04/04 4:15 p.m.•71 views

CVE-2022-0887

The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an SQL statement, leading to a SQL injection vulnerability.

7.2CVSS7.2AI score0.00538EPSS

CVE•added 2022/04/11 3:15 p.m.•69 views

CVE-2022-0840

The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfiltered_html capability is disallowed.

4.8CVSS4.8AI score0.00195EPSS

CVE•added 2023/11/30 11:15 a.m.•67 views

CVE-2023-48336

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4.

6.5CVSS6AI score0.00181EPSS

CVE•added 2021/09/02 5:15 p.m.•50 views

CVE-2021-39322

The Easy Social Icons plugin

6.1CVSS6AI score0.092EPSS

CVE•added 2015/02/25 10:59 p.m.•44 views

CVE-2015-2084

Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in an edit action in the cnss_s...

6.8CVSS6.6AI score0.00676EPSS