Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cybernetikz easy social icons vulnerabilities and exploits
(subscribe to this query)
312
VMScore
CVE-2022-0840
The Easy Social Icons WordPress plugin prior to 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfiltered_html capability is disallowed.
Cybernetikz Easy Social Icons
NA
CVE-2023-48336
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a up to and including 3.2.4.
Cybernetikz Easy Social Icons
383
VMScore
CVE-2021-39322
The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain configurations including Apache+modPHP this makes it possible to use it to perform a reflected Cross-Site Scripting attack by injecting...
Cybernetikz Easy Social Icons
578
VMScore
CVE-2022-0887
The Easy Social Icons WordPress plugin prior to 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an SQL statement, leading to a SQL injection vulnerability.
Cybernetikz Easy Social Icons
685
VMScore
CVE-2015-2084
Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin prior to 1.2.3 for WordPress allows remote malicious users to hijack the authentication of administrators for requests that conduct cross-site scripting (XSS) attacks via the image_file parameter in a...
Cybernetikz Easy Social Icons
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started