CVE-2023-4889
- EPSS 0.08%
- Veröffentlicht 15.11.2023 07:15:14
- Zuletzt bearbeitet 21.11.2024 08:36:11
The Shareaholic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shareaholic' shortcode in versions up to, and including, 9.7.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2022-0594
- EPSS 43.98%
- Veröffentlicht 25.07.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:38:59
The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them ...
CVE-2014-9311
- EPSS 0.37%
- Veröffentlicht 14.04.2015 14:59:02
- Zuletzt bearbeitet 12.04.2025 10:46:40
Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action ...