CVE-2024-24709 – Shareaholic <= 9.7.11 - Missing Authorization via accept_terms_of_service
https://notcve.org/view.php?id=CVE-2024-24709
The Professional Social Sharing Buttons, Icons & Related Posts – Shareaholic plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'accept_terms_of_service' function in all versions up to, and including, 9.7.11. This makes it possible for authenticated attackers, with subscriber access and above, to accept the plugin's terms of service. • CWE-862: Missing Authorization •
CVE-2023-4889 – Shareaholic <= 9.7.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
https://notcve.org/view.php?id=CVE-2023-4889
The Shareaholic plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'shareaholic' shortcode in versions up to, and including, 9.7.8 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. El complemento Shareaholic para WordPress es vulnerable a Cross-Site Scripting Almacenado en el shortcode 'shareaholic' en versiones hasta la 9.7.8 incluida debido a una sanitización de entrada insuficiente y a un escape de salida en los atributos proporcionados por el usuario. Esto hace posible que atacantes autenticados con permisos de nivel de colaborador y superiores inyecten scripts web arbitrarios en páginas que se ejecutarán cada vez que un usuario acceda a una página inyectada. • https://plugins.trac.wordpress.org/changeset/2995413/shareaholic#file51 https://www.wordfence.com/threat-intel/vulnerabilities/id/ff6932c6-f3ec-46a8-a03b-95512eee5bf1?source=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-41612 – WordPress Similar Posts Plugin <= 3.1.6 is vulnerable to Cross Site Scripting (XSS)
https://notcve.org/view.php?id=CVE-2022-41612
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Shareaholic Similar Posts plugin <= 3.1.6 versions. The Similar Posts – Best Related Posts Plugin for WordPress is vulnerable to Stored Cross-Site Scripting via an unknown parameter in versions up to, and including, 3.1.6 due to insufficient input sanitization and output escaping. This makes it possible for attackers authenticated as an administrator to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. • https://patchstack.com/database/vulnerability/similar-posts/wordpress-similar-posts-plugin-3-1-6-auth-stored-cross-site-scripting-xss-vulnerability?_s_id=cve • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2022-0594 – Shareaholic < 9.7.6 - Information Disclosure
https://notcve.org/view.php?id=CVE-2022-0594
The Professional Social Sharing Buttons, Icons & Related Posts WordPress plugin before 9.7.6 does not have proper authorisation check in one of the AJAX action, available to unauthenticated (in v < 9.7.5) and author+ (in v9.7.5) users, allowing them to call it and retrieve various information such as the list of active plugins, various version like PHP, cURL, WP etc. El plugin Professional Social Sharing Buttons, Icons & Related Posts de WordPress versiones anteriores a 9.7.6, no presenta una comprobación de autorización apropiada en una de las acciones AJAX, disponible para usuarios no autenticados (en versiones anteriores a 9.7.5) y author+ (en versión v9.7.5), permitiéndoles llamarlo y recuperar diversa información como la lista de plugins activos, varias versiones como PHP, cURL, WP etc • https://wpscan.com/vulnerability/4de9451e-2c8d-4d99-a255-b027466d29b1 • CWE-863: Incorrect Authorization •
CVE-2021-24537 – Similar Posts <= 3.1.5 - Admin+ Arbitrary PHP Code Execution
https://notcve.org/view.php?id=CVE-2021-24537
The Similar Posts WordPress plugin through 3.1.5 allow high privilege users to execute arbitrary PHP code in an hardened environment (ie with DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS and DISALLOW_UNFILTERED_HTML set to true) via the 'widget_rrm_similar_posts_condition' widget setting of the plugin. El plugin Similar Posts de WordPress versiones hasta 3.1.5 permite a usuarios muy privilegiados ejecutar código PHP arbitrario en un entorno reforzado (es decir, con DISALLOW_FILE_EDIT, DISALLOW_FILE_MODS y DISALLOW_UNFILTERED_HTML configurados como verdaderos) por medio de la configuración del widget "widget_rrm_similar_posts_condition" del plugin • https://wpscan.com/vulnerability/0d6b46cb-5244-486f-ad70-4023907ac9eb • CWE-94: Improper Control of Generation of Code ('Code Injection') •