Reputeinfosystems Social Share And Social Locker vulnerabilities
3 known vulnerabilities affecting reputeinfosystems/social_share_and_social_locker.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2025-31911P2CRITICALCVSS 9.3≤ 1.4.22025-04-03
CVE-2025-31911 [CRITICAL] CWE-89 CVE-2025-31911: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability i
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in reputeinfosystems Social Share And Social Locker social-share-and-social-locker-arsocial allows Blind SQL Injection.This issue affects Social Share And Social Locker: from n/a through <= 1.4.2.
nvd
CVE-2025-31902P4HIGHCVSS 7.1≤ 1.4.12025-04-03
CVE-2025-31902 [HIGH] CWE-79 CVE-2025-31902: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in reputeinfosystems Social Share And Social Locker social-share-and-social-locker-arsocial allows Reflected XSS.This issue affects Social Share And Social Locker: from n/a through <= 1.4.1.
nvd
CVE-2024-11189P4MEDIUMCVSS 4.8fixed in 1.4.22025-05-15
CVE-2024-11189 [MEDIUM] CWE-79 CVE-2024-11189: The Social Share And Social Locker WordPress plugin before 1.4.2 does not sanitise and escape some
The Social Share And Social Locker WordPress plugin before 1.4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
nvd