Sassy Social Share 漏洞列表
共找到 5 个与 Sassy Social Share 相关的漏洞
📅 加载漏洞趋势中...
-
CVE-2021-24746: WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting POC
WordPress plugin Sassy Social Share < 3.3.40 contains a reflected cross-site scripting vulnerability. -
CVE-2022-4971: Sassy Social Share <= 3.3.3 - Cross-Site Scripting POC
The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateor_sss_sharing_count' AJAX action in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. -
CVE-2021-24746: WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting POC
WordPress plugin Sassy Social Share < 3.3.40 contains a reflected cross-site scripting vulnerability. -
CVE-2022-4971: Sassy Social Share <= 3.3.3 - Cross-Site Scripting POC
The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateor_sss_sharing_count' AJAX action in versions up to, and including, 3.3.3 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link. -
sassy-social-share-xss: Sassy Social Share <=3.3.3 - Cross-Site Scripting POC
WordPress Sassy Social Share 3.3.3 and prior is vulnerable to cross-site scripting because certain AJAX endpoints return JSON data with no Content-Type header set and then use the default text/html. In other words, any JSON that has HTML will be rendered as such.