Filtered by vendor Artlosk
Subscriptions
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2023-54333 | 2 Artlosk, Wordpress | 2 Social Share Buttons, Wordpress | 2026-03-05 | 8.2 High |
| Social-Share-Buttons 2.2.3 contains a critical SQL injection vulnerability in the project_id parameter that allows attackers to manipulate database queries. Attackers can exploit this vulnerability by sending crafted POST requests with malicious SQL payloads to retrieve and potentially steal entire database contents. | ||||
| CVE-2024-13117 | 1 Artlosk | 1 Share Buttons | 2025-05-13 | 6.5 Medium |
| The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded | ||||
| CVE-2024-12807 | 1 Artlosk | 1 Social Share Buttons | 2025-05-11 | 4.8 Medium |
| The Social Share Buttons for WordPress plugin through 2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup). | ||||
Page 1 of 1.