Warfareplugins Social Sharing Plugin – Social Warfare

6 CVEs affecting Warfareplugins Social Sharing Plugin – Social Warfare. Latest disclosed: 2024-06-25. Critical: 2, High: 0.

Top CVEs affecting Warfareplugins Social Sharing Plugin – Social Warfare
CVESeverityScorePublishedSummary
CVE-2024-6297Critical10.02024-06-25Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the s…
CVE-2021-4434Critical10.02024-01-17The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows…
CVE-2024-1959Medium6.42024-05-02The Social Sharing Plugin – Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'socialWarfare' shortcode in all…
CVE-2023-4842Medium6.42023-11-07The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to…
CVE-2023-0403Medium5.42023-01-19The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.1. This is due to missing or incorrec…
CVE-2023-0402Medium5.42023-01-19The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and…