Reflected XSS Vulnerability in Easy Social Share Buttons
CVE-2024-30196

7.1HIGH

Key Information:

Vendor: WordPress
Status: Easy Social Share Buttons
Vendor: CVE Published:; 27 March 2024

What is CVE-2024-30196?

The Easy Social Share Buttons by Appscreo is affected by a Cross-site Scripting (XSS) vulnerability, allowing for improper neutralization of input during web page generation. Specifically, the vulnerability enables reflected XSS attacks that compromise the security of the web application utilizing this plugin. Users of Easy Social Share Buttons versions from n/a through 9.4 should be aware of this security issue to mitigate risks associated with potential exploitation.

Affected Version(s)

Easy Social Share Buttons <= 9.4

References

https://patchstack.com/database/vulnerability/easy-social...

vdb-entry

CVSS V3.1

Score:

7.1

Severity:

HIGH

Confidentiality:

Low

Integrity:

Low

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

Required

Scope:

Changed

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Mar 27, 2024
Vulnerability Reserved
Mar 25, 2024

Credit

Rafie Muhammad (Patchstack)