Social Media Share Buttons & Social Sharing Icons
Approved changes feed: RSS · Atom
cpe:2.3:a:inisev:social_media_share_buttons_\&_social_sharing_icons:*:*:*:*:*:wordpress:*:*
part: a version: * update: *
| Vendor | Inisev (f56a1d9c-c546-5c00-839e-72dda3ed8869) |
|---|---|
| Product | Social Media Share Buttons & Social Sharing Icons (1e86758e-ea9e-59ae-999c-b8049b6db251) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | wordpress |
| Target hardware | * |
| Other | * |
| Notes | Imported from gcve-enriched-dumps CVE data |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2024-37552 |
vulnerable | 2026-06-08 06:39:47.912799 |
WordPress Social Media Share Buttons & Social Sharing Icons plugin <= 2.9.1 - Cross Site Scripting (XSS) vulnerability
MEDIUM (5.9)
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Inisev Social Media & Share Icons allows Stored XSS.This issue affects Social Media & Share Icons: from n/a through 2.9.1.
Published: 2024-07-21T06:54:34.601Z
Updated: 2026-04-28T16:10:01.045Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-2118 |
vulnerable | 2026-06-08 06:33:30.374766 |
Social Media Share Buttons < 2.8.9 - Admin+ Stored XSS via settings
The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.8.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Published: 2024-04-17T05:00:02.917Z
Updated: 2024-11-22T14:13:23.709Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2024-10362 |
vulnerable | 2026-06-08 06:22:04.059300 |
Social Media Share Buttons < 2.9.0 - Admin+ Stored XSS
The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.9.1 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)
Published: 2025-05-15T20:06:42.846Z
Updated: 2025-05-20T19:40:56.206Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.