Warfareplugins Social_warfare
5 CVEs affecting Warfareplugins Social_warfare. Latest disclosed: 2024-01-17. Critical: 1, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2021-4434 | Critical | 10.0 | 2024-01-17 | The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows… |
CVE-2023-4842 | Medium | 6.4 | 2023-11-07 | The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to… |
CVE-2019-9978 | Medium | 6.1 | 2019-03-24 | The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in t… |
CVE-2023-0403 | Medium | 5.4 | 2023-01-19 | The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.1. This is due to missing or incorrec… |
CVE-2023-0402 | Medium | 5.4 | 2023-01-19 | The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and… |