Heateor Social Sharing Plugin – Sassy Social Share
5 CVEs affecting Heateor Social Sharing Plugin – Sassy Social Share. Latest disclosed: 2025-06-07. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-1989 | Medium | 6.4 | 2024-03-06 | The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'Sassy_Social_Share' shortcod… |
CVE-2024-1448 | Medium | 6.4 | 2024-02-29 | The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions… |
CVE-2025-5528 | Medium | 6.1 | 2025-06-07 | The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in… |
CVE-2024-11252 | Medium | 6.1 | 2024-11-30 | The Social Sharing Plugin – Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in… |
CVE-2022-4971 | Medium | 6.1 | 2024-10-16 | The Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'urls' parameter called via the 'heateor_sss_sharing_count'… |