Social Warfare Security Vulnerabilities and Issues — Social Warfare CVE List

Lucene search

WarfarepluginsSocial Warfare

3 matches found

CVE•added 2023/11/07 12:15 p.m.•66 views

CVE-2023-4842

The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for auth...

6.4CVSS5.3AI score0.00148EPSS

CVE•added 2023/01/19 3:15 p.m.•44 views

CVE-2023-0402

The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to delete post meta infor...

5.4CVSS5.1AI score0.0004EPSS

CVE•added 2023/01/19 3:15 p.m.•40 views

CVE-2023-0403

The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.0. This is due to missing or incorrect nonce validation on several AJAX actions. This makes it possible for unauthenticated attackers to delete post meta information and reset n...

5.4CVSS5.1AI score0.00055EPSS