Lucene search
Paul J. MartinezWPEX-ID:99F4FB32-E312-4059-ADAF-F4CBAA92D4FAHistoryMar 15, 2022 - 12:00 a.m.
Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting
2022-03-1500:00:00
Paul J. Martinez
174
EPSS
0.001
Percentile
43.5%
The plugin does not escape the viewed post URL before outputting it back in onclick attributes when the “Enable ‘More’ icon” option is enabled (which is the default setting), leading to a Reflected Cross-Site Scripting issue. Note: Vendor was notified on September 14th, 2021.
https://example.com/any-post/?a"><script>alert(/XSS/)</script>Related
wpvulndb
wpvulndb
Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting
2022-03-15 00:00:00
prion
prion
Cross site scripting
2022-03-28 18:15:00
nvd
nvd
CVE-2021-24746
2022-03-28 18:15:08
cve
cve
CVE-2021-24746
2022-03-28 18:15:08
cvelist
cvelist
CVE-2021-24746 Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting
2022-03-28 17:20:47
patchstack
patchstack
nuclei
nuclei
WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting
2022-04-02 10:45:26