RSS   Podatności dla 'Simple social buttons'   RSS

2021-10-11
 
CVE-2021-24656

CWE-79
 

 
The Simple Social Media Share Buttons WordPress plugin before 3.2.4 does not escape the Share Title settings before outputting it in the frontend pages or posts (depending on the settings used), allowing high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

 

 >>> Vendor: Wpbrigade 3 Produkty
Loginpress
Simple social media share buttons
Simple social buttons


Copyright 2021, cxsecurity.com

 

Back to Top