Sharethis Simple Share Buttons Adder vulnerabilities
2 known vulnerabilities affecting sharethis/simple_share_buttons_adder.
Total CVEs
2
CISA KEV
0
Public exploits
1
Exploited in wild
0
Severity breakdown
MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2014-4717P4MEDIUMCVSS 6.8PoC≤ 4.4v1.0+33 more2014-07-03
CVE-2014-4717 [MEDIUM] CWE-352 CVE-2014-4717: Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin
Multiple cross-site request forgery (CSRF) vulnerabilities in the Simple Share Buttons Adder plugin before 4.5 for WordPress allow remote attackers to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the (1) ssba_share_text parameter in a save action to wp-admin/options-general.php, which is n
nvd
CVE-2024-4094P4MEDIUMCVSS 5.4fixed in 8.5.12024-06-18
CVE-2024-4094 [MEDIUM] CWE-79 CVE-2024-4094: The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of it
The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
nvd