Vulnerabilites related to Unknown - Social Share Buttons for WordPress
CVE-2024-13117 (GCVE-0-2024-13117)
Vulnerability from cvelistv5
Published
2025-01-27 06:00
Modified
2025-02-03 14:29
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/3234cdac-f328-4f1e-a1de-31fbd86aefb9/ | exploit, vdb-entry, technical-description |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Social Share Buttons for WordPress |
Version: 0 ≤ 2.7 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-13117", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-27T14:24:35.614554Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-02-03T14:29:29.172Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "Social Share Buttons for WordPress", "vendor": "Unknown", "versions": [ { "lessThanOrEqual": "2.7", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Bob Matyas" }, { "lang": "en", "type": "coordinator", "value": "WPScan" } ], "descriptions": [ { "lang": "en", "value": "The Social Share Buttons for WordPress plugin through 2.7 allows an unauthenticated user to upload arbitrary images and change the path where they are uploaded" } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-22 Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-27T06:00:12.163Z", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description" ], "url": "https://wpscan.com/vulnerability/3234cdac-f328-4f1e-a1de-31fbd86aefb9/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Social Share Buttons for WordPress \u003c= 2.7 - Unauthenticated Image Upload \u0026 Path Traversal", "x_generator": { "engine": "WPScan CVE Generator" } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2024-13117", "datePublished": "2025-01-27T06:00:12.163Z", "dateReserved": "2025-01-01T14:57:26.294Z", "dateUpdated": "2025-02-03T14:29:29.172Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2024-12807 (GCVE-0-2024-12807)
Vulnerability from cvelistv5
Published
2025-01-28 06:00
Modified
2025-01-28 15:15
Severity ?
VLAI Severity ?
EPSS score ?
Summary
The Social Share Buttons for WordPress plugin through 2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).
References
▼ | URL | Tags |
---|---|---|
https://wpscan.com/vulnerability/fcce0839-bb1d-4aa3-b236-ff5f5e9b6120/ | exploit, vdb-entry, technical-description |
Impacted products
Vendor | Product | Version | ||
---|---|---|---|---|
Unknown | Social Share Buttons for WordPress |
Version: 0 ≤ 2.7 |
{ "containers": { "adp": [ { "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.8, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } }, { "other": { "content": { "id": "CVE-2024-12807", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2025-01-28T15:13:02.411831Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2025-01-28T15:15:04.341Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "defaultStatus": "affected", "product": "Social Share Buttons for WordPress", "vendor": "Unknown", "versions": [ { "lessThanOrEqual": "2.7", "status": "affected", "version": "0", "versionType": "semver" } ] } ], "credits": [ { "lang": "en", "type": "finder", "value": "Bob Matyas" }, { "lang": "en", "type": "coordinator", "value": "WPScan" } ], "descriptions": [ { "lang": "en", "value": "The Social Share Buttons for WordPress plugin through 2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup)." } ], "problemTypes": [ { "descriptions": [ { "description": "CWE-79 Cross-Site Scripting (XSS)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2025-01-28T06:00:11.412Z", "orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "shortName": "WPScan" }, "references": [ { "tags": [ "exploit", "vdb-entry", "technical-description" ], "url": "https://wpscan.com/vulnerability/fcce0839-bb1d-4aa3-b236-ff5f5e9b6120/" } ], "source": { "discovery": "EXTERNAL" }, "title": "Social Share Buttons for WordPress \u003c= 2.7 - Admin+ Stored XSS", "x_generator": { "engine": "WPScan CVE Generator" } } }, "cveMetadata": { "assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81", "assignerShortName": "WPScan", "cveId": "CVE-2024-12807", "datePublished": "2025-01-28T06:00:11.412Z", "dateReserved": "2024-12-19T18:24:25.615Z", "dateUpdated": "2025-01-28T15:15:04.341Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }