CVE-2024-24709
- EPSS 0.19%
- Veröffentlicht 17.06.2026 11:42:15
- Zuletzt bearbeitet 17.06.2026 11:45:34
Missing Authorization vulnerability in Shareaholic allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Shareaholic: from n/a through 9.7.11.
CVE-2023-4889
- EPSS 0.43%
- Veröffentlicht 15.11.2023 07:15:14
- Zuletzt bearbeitet 08.04.2026 19:18:38
The Shareaholic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shareaholic' shortcode in versions up to, and including, 9.7.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes i...
CVE-2022-0594
- EPSS 1.54%
- Veröffentlicht 25.07.2022 13:15:08
- Zuletzt bearbeitet 21.11.2024 06:38:59
The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them ...
CVE-2014-9311
- EPSS 3.89%
- Veröffentlicht 14.04.2015 14:59:02
- Zuletzt bearbeitet 06.05.2026 22:30:45
Cross-site scripting (XSS) vulnerability in admin.php in the Shareaholic plugin before 7.6.1.0 for WordPress allows remote authenticated users to inject arbitrary web script or HTML via the location[id] parameter in a shareaholic_add_location action ...