Warfareplugins Social Sharing Plugin – Social Warfare
6 CVEs affecting Warfareplugins Social Sharing Plugin – Social Warfare. Latest disclosed: 2024-06-25. Critical: 2, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-6297 | Critical | 10.0 | 2024-06-25 | Several plugins for WordPress hosted on WordPress.org have been compromised and injected with malicious PHP scripts. A malicious threat actor compromised the s… |
CVE-2021-4434 | Critical | 10.0 | 2024-01-17 | The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows… |
CVE-2024-1959 | Medium | 6.4 | 2024-05-02 | The Social Sharing Plugin – Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'socialWarfare' shortcode in all… |
CVE-2023-4842 | Medium | 6.4 | 2023-11-07 | The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to… |
CVE-2023-0403 | Medium | 5.4 | 2023-01-19 | The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.1. This is due to missing or incorrec… |
CVE-2023-0402 | Medium | 5.4 | 2023-01-19 | The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and… |