Lucene search
WPScanCVELIST:CVE-2021-24746HistoryMar 28, 2022 - 5:20 p.m.
CVE-2021-24746 Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting
2022-03-2817:20:47
CWE-79
WPScan
www.cve.org
1
0.001 Low
EPSS
Percentile
43.5%
The Social Sharing Plugin WordPress plugin before 3.3.40 does not escape the viewed post URL before outputting it back in onclick attributes when the “Enable ‘More’ icon” option is enabled (which is the default setting), leading to a Reflected Cross-Site Scripting issue.
CNA Affected
[
{
"product": "Social Sharing Plugin – Sassy Social Share",
"vendor": "Unknown",
"versions": [
{
"lessThan": "3.3.40",
"status": "affected",
"version": "3.3.40",
"versionType": "custom"
}
]
}
]Related
wpvulndb
wpvulndb
Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting
2022-03-15 00:00:00
prion
prion
Cross site scripting
2022-03-28 18:15:00
nvd
nvd
CVE-2021-24746
2022-03-28 18:15:08
wpexploit
wpexploit
Sassy Social Share < 3.3.40 - Reflected Cross-Site Scripting
2022-03-15 00:00:00
patchstack
patchstack
nuclei
nuclei
WordPress Sassy Social Share Plugin <3.3.40 - Cross-Site Scripting
2022-04-02 10:45:26
cve
cve
CVE-2021-24746
2022-03-28 18:15:08