Описание
Cross-site scripting (XSS) vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter.
Ссылки
- Exploit
- ExploitPatch
- Exploit
- ExploitPatch
Уязвимые конфигурации
Конфигурация 1Версия до 0.33 (включая)
Одновременно
Одно из
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:*:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.1:-:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.2:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.3:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.10:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.11:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.11:r1:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.11:r2:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.12:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.13:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.14:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.15:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.16:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.17:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.18:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.18.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.19:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.19.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.20:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.21:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.21.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.22:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.23:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.23.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.24:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.24.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.25:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.26:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.27:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.27.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.28:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.29:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.30:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.31.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.31.2:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.31.3:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.32.1:*:*:*:*:*:*:*
cpe:2.3:a:ppfeufer:2-click-social-media-buttons:0.32.2:*:*:*:*:*:*:*
cpe:2.3:a:wordpress:wordpress:-:*:*:*:*:*:*:*
EPSS
Процентиль: 79%
0.01303
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79
Связанные уязвимости
github
около 3 лет назад
Cross-site scripting (XSS) vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter.
EPSS
Процентиль: 79%
0.01303
Низкий
4.3 Medium
CVSS2
Дефекты
CWE-79