WordPress Plugin Social Share Buttons-Social Pug Cross-Site Scripting

ID SSV:93046
Type seebug
Reporter Anonymous
Modified 2017-04-25T00:00:00



This plugin takes input from $_GET and puts it directly into HTML without escaping it. This means that anybody who is able to convince an admin user to click on a link would be able to take control of their browser on that domain name and delete posts, add new admin users, etc.
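The pattern described above, as an added illustration that is not the plugin's code: the parameter name `tab`, the markup and the helper `esc_for_html()` are hypothetical stand-ins, and plain `htmlspecialchars()` is used so the file runs without WordPress (the WordPress equivalents are named in the comments).

```php
<?php
// Added example, not taken from the plugin. "tab" and the nav-tab markup are
// hypothetical; the point is the unescaped $_GET -> HTML pattern and its fix.

// Vulnerable pattern: a query-string value is written straight into an HTML
// attribute and into element text. Whoever controls the link controls the
// markup the admin's browser renders (reflected XSS).
function render_tab_vulnerable(array $get): string
{
    $tab = (string) ($get['tab'] ?? 'general');
    return '<a class="nav-tab" href="?tab=' . $tab . '">' . $tab . '</a>';
}

// Hardened pattern: escape for the output context at the moment of output.
// Inside WordPress use esc_attr() for attribute values and esc_html() for
// element text (esc_url() for whole URLs); htmlspecialchars() with ENT_QUOTES
// is the plain-PHP equivalent used here so the example runs stand-alone.
function esc_for_html(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_tab_hardened(array $get): string
{
    $tab = (string) ($get['tab'] ?? 'general');
    // Optional further step: when the value selects among a fixed set of
    // tabs, compare it against that allow-list and fall back to a default.
    return '<a class="nav-tab" href="?tab=' . esc_for_html($tab) . '">'
        . esc_for_html($tab) . '</a>';
}

// Constructed input: a value that tries to close the attribute and add markup.
$constructed_get = ['tab' => '"><b>injected</b>'];

echo render_tab_vulnerable($constructed_get), PHP_EOL; // markup is live
echo render_tab_hardened($constructed_get), PHP_EOL;   // quotes and brackets are entities
```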

Proof of concept

Log in as an admin user with this plugin activated, using a browser without reflected XSS prevention (e.g. Firefox). Visit this URL:


Mitigation/further actions

Update to version 1.2.6 or later.