
CVE-2023-2779

Published: 19/06/2023 Updated: 07/11/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0

Vulnerability Summary

The Social Share, Social Login and Social Comments WordPress plugin prior to 7.13.52 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting vulnerability which could be used against high-privilege users such as admins.

Vulnerable Product

heator social share, social login and social comments

Exploits

# Exploit Title: Super Socializer 7.13.52 - Reflected XSS
# Dork: inurl: example.com/wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=www.google.com
# Date: 2023-06-20
# Exploit Author: Amirhossein Bahramizadeh
# Category : Webapps
# Vendor Homepage: https: ...

WordPress Super Socializer plugin version 7.13.52 suffers from a cross site scripting vulnerability ...
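
An added example (not from the advisory, the exploit author or the plugin): a log-triage check for requests shaped like the entry above, that is, the the_champ_sharing_count AJAX action with markup in a urls[...] key or value. The log lines are constructed samples, and the rule that legitimate keys look like urls, urls[] or urls[N] is an assumption.

```python
import re
from urllib.parse import parse_qsl, unquote, urlsplit

ACTION = "the_champ_sharing_count"  # AJAX action named in the exploit entry
REQUEST = re.compile(r'"(?:GET|POST|HEAD) (?P<target>\S+) HTTP/[\d.]+"')
BENIGN_KEY = re.compile(r"^urls(\[\d*\])?$")  # assumption: urls, urls[] or urls[N]
MARKUP = re.compile(r"[<>\"'`]")

def fully_decode(text, rounds=3):
    """Undo nested percent-encoding such as %253C, bounded to a few rounds."""
    for _ in range(rounds):
        text, previous = unquote(text), text
        if text == previous:
            break
    return text

def suspicious_params(target):
    """Return decoded urls[...] keys or values that carry markup characters."""
    parts = urlsplit(target)
    if not parts.path.endswith("/wp-admin/admin-ajax.php"):
        return []
    pairs = [(fully_decode(k), fully_decode(v))
             for k, v in parse_qsl(parts.query, keep_blank_values=True)]
    if ("action", ACTION) not in pairs:
        return []
    hits = []
    for key, value in (p for p in pairs if p[0].startswith("urls")):
        if not BENIGN_KEY.match(key):
            hits.append(key)      # array key is not a plain index
        elif MARKUP.search(value):
            hits.append(value)    # value carries markup characters
    return hits

def scan(lines):
    """Return (line_number, hits) for each flagged access-log line."""
    found = []
    for n, line in enumerate(lines, 1):
        m = REQUEST.search(line)
        hits = suspicious_params(m.group("target")) if m else []
        if hits:
            found.append((n, hits))
    return found

# Constructed sample access-log lines (not real traffic).
SAMPLE_LOG = [
    '203.0.113.7 - - [20/Jun/2023:10:00:01 +0000] "GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[0]=https%3A%2F%2Fexample.com%2Fpost HTTP/1.1" 200 120',
    '203.0.113.9 - - [20/Jun/2023:10:00:05 +0000] "GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%3Cimg%20src%3Dx%20onerror%3Dalert%28document%2Edomain%29%3E]=www.google.com HTTP/1.1" 200 180',
    '203.0.113.9 - - [20/Jun/2023:10:00:09 +0000] "GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[%253Cb%253E]=x HTTP/1.1" 200 90',
    '203.0.113.4 - - [20/Jun/2023:10:00:12 +0000] "GET /wp-admin/admin-ajax.php?action=heartbeat&urls[%3Cb%3E]=x HTTP/1.1" 200 60',
]
```

A hit shows an attempt, not a successful execution; the summary above places the fix in 7.13.52, so the installed plugin version still has to be checked separately.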