Warfareplugins Social_warfare

5 CVEs affecting Warfareplugins Social_warfare. Latest disclosed: 2024-01-17. Critical: 1, High: 0.

Top CVEs affecting Warfareplugins Social_warfare
CVESeverityScorePublishedSummary
CVE-2021-4434Critical10.02024-01-17The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows…
CVE-2023-4842Medium6.42023-11-07The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to…
CVE-2019-9978Medium6.12019-03-24The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in t…
CVE-2023-0403Medium5.42023-01-19The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.3.1. This is due to missing or incorrec…
CVE-2023-0402Medium5.42023-01-19The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and…