Description

Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.

Related CPE's

a

supsystic

social_share_buttons

*

*

*

*

*

wordpress

Vulnerable

References

https://patchstack.com/database/vulnerability/social-share-buttons-by-supsystic/wordpress-social-share-buttons-by-supsystic-plugin-2-2-3-multiple-authenticated-sql-injection-sqli-vulnerabilities

PatchThird Party Advisory

https://wordpress.org/plugins/social-share-buttons-by-supsystic/#developers

Third Party Advisory

https://patchstack.com/database/vulnerability/social-share-buttons-by-supsystic/wordpress-social-share-buttons-by-supsystic-plugin-2-2-3-multiple-authenticated-sql-injection-sqli-vulnerabilities

PatchThird Party Advisory

https://wordpress.org/plugins/social-share-buttons-by-supsystic/#developers

Third Party Advisory

Weaknesses

[email protected]

Secondary
CWE-89

CVSS impact metrics

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

8.5 · High

Information

Source identifier

[email protected]

Vulnerability status

Modified

Published

2022-07-22T15:15:08.900Z

3 years ago

Last modified

2024-11-21T06:08:40.447Z

1 year ago