Wpkube Kiwi Social Share vulnerabilities
2 known vulnerabilities affecting wpkube/kiwi_social_share.
Total CVEs
2
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2021-4362P2CRITICALCVSS 9.8v2.1.02023-06-07
CVE-2021-4362 [CRITICAL] CWE-862 CVE-2021-4362: The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing ca
The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the kiwi_social_share_get_option() function called via the kiwi_social_share_get_option AJAX action in version 2.1.0. This makes it possible for unauthenticated attackers to read and modify arbitrary options on a WordPress site that
nvd
CVE-2024-3228P4MEDIUMCVSS 5.3fixed in 2.1.82024-07-09
CVE-2024-3228 [MEDIUM] CWE-200 CVE-2024-3228: The Social Sharing Plugin – Kiwi plugin for WordPress is vulnerable to Information Exposure in all v
The Social Sharing Plugin – Kiwi plugin for WordPress is vulnerable to Information Exposure in all versions up to, and including, 2.1.7 via the 'kiwi-nw-pinterest' class. This makes it possible for unauthenticated attackers to view limited content from password protected posts.
nvd