Catchsquare

Wp Social Widget

5 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4

CVE-2025-57981

  • EPSS 0.2%
  • Veröffentlicht 22.09.2025 18:24:29
  • Zuletzt bearbeitet 23.04.2026 15:33:10

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3.1.

5.4

CVE-2025-49306

  • EPSS 0.21%
  • Veröffentlicht 06.06.2025 12:53:48
  • Zuletzt bearbeitet 23.04.2026 15:31:25

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3.

5.4

CVE-2025-30610

  • EPSS 0.24%
  • Veröffentlicht 24.03.2025 13:47:28
  • Zuletzt bearbeitet 23.04.2026 15:26:58

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.2.7.

5.4

CVE-2024-27189

  • EPSS 0.34%
  • Veröffentlicht 15.03.2024 13:15:08
  • Zuletzt bearbeitet 28.04.2026 19:23:33

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5.

5.4

CVE-2023-0074

Exploit
  • EPSS 0.53%
  • Veröffentlicht 30.01.2023 21:15:13
  • Zuletzt bearbeitet 27.03.2025 20:15:19

The WP Social Widget WordPress plugin before 2.2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to p...