Cross-Site Scripting Vulnerability in ILLID Share This Image Plugin for WordPress
CVE-2017-18015

6.1MEDIUM

Key Information:

Vendor
Wordpress
Status
Share This Image
Vendor
CVE Published:
2 January 2018

Summary

The ILLID Share This Image plugin for WordPress contains a vulnerability that allows attackers to exploit an XSS flaw through the sharer.php url parameter. This can potentially lead to unauthorized actions being carried out by users without their consent, making it crucial for website administrators to update the plugin to version 1.04 or later to mitigate risks.

References

https://wpvulndb.com/vulnerabilities/8991
x_refsource_MISC
https://wordpress.org/support/topic/share-this-image-1-03...
x_refsource_MISC
https://wordpress.org/plugins/share-this-image/#developers
x_refsource_MISC

CVSS V3.1

Score:
6.1
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Changed

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.