Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
warfareplugins social warfare vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-9978
The social-warfare plugin prior to 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. This affects Social Warfare and Social Warfare Pro.
Warfareplugins Social Warfare
Warfareplugins Social Warfare Pro
1 EDB exploit
17 Github repositories
5.4
CVSSv3
CVE-2023-0402
The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 4.3.0. This makes it possible for authenticated attackers, with subscriber-level permissions and above, to del...
Warfareplugins Social Warfare
5.4
CVSSv3
CVE-2023-0403
The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.0. This is due to missing or incorrect nonce validation on several AJAX actions. This makes it possible for unauthenticated malicious users to delete post met...
Warfareplugins Social Warfare
9.8
CVSSv3
CVE-2021-4434
The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows malicious users to execute code on the server.
Warfareplugins Social Warfare
5.4
CVSSv3
CVE-2023-4842
The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. Th...
Warfareplugins Social Warfare
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
buffer overflow
type confusion
server-side request forgery
CVE-2024-38440
CVE-2024-27801
CVE-2024-5868
CVE-2024-0582
CVE-2024-37643
CVE-2024-3105
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started