Cybernetikz Easy_social_icons

5 CVEs affecting Cybernetikz Easy_social_icons. Latest disclosed: 2023-11-30. Critical: 0, High: 1.

Top CVEs affecting Cybernetikz Easy_social_icons
CVESeverityScorePublishedSummary
CVE-2022-0887High7.22022-04-04The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an SQL statement, lead…
CVE-2023-48336Medium6.52023-11-30Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issu…
CVE-2021-39322Medium6.12021-09-02The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain configurations including Ap…
CVE-2022-0840Medium4.82022-04-11The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users…
CVE-2015-20842015-02-25Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to hijack the authentication…