cleantalk
Vulnerabilities and Security Researches

Social Sharing Plugin – Sassy Social Share, 4631519b-2060-43a0-b69b-b3d7ed94c705

CVE, Research URL

4631519b-2060-43a0-b69b-b3d7ed94c705

Home page URL

Security reports for Social Sharing Plugin – Sassy Social Share

Application

Social Sharing Plugin – Sassy Social Share

Published on
-
Research Description
Social Sharing Plugin &#8211; Sassy Social Share [sassy-social-share] < 3.3.4 Sassy Social Share &lt;= 3.3.3 - Cross-Site Scripting (XSS) AJAX endpoints which returns JSON data has no Content-Type header set, and uses default text/html. Any JSON that has HTML will be rendered as such.
Affected versions
max 3.3.4.
Status
vulnerable
Previous vulnerability researches
Age Verification Screen for WooCommerce (CVE-2023-33999) , Jun 14, 2026
Age Verification Screen for WooCommerce (6d8910c719b2a132ec93828cd37e418b19cac960) , Jun 16, 2026
Age Verification Screen for WooCommerce (6e203a6d7c53008b3fc66a975b065949c5865db0) , Jun 16, 2026
Age Verification Screen for WooCommerce (CVE-2022-4974) , Nov 15, 2024
Age Verification Screen for WooCommerce (c8bb7cbdc20af8c1c70b1fcdea74a9cbb3b4dfb0) , Jun 07, 2024
New vulnerability
leenk.me (753d31765913b4d2dbb8af0a5512e5f1f8c70c61) , Jun 16, 2026
Social Hashtags (5abd4657-8a58-4d97-b8cb-b67235ab5b8a) , Jun 16, 2026
Social Hashtags (1965c7b04565befbb11c28b56cb6922733a47b03) , Jun 16, 2026
Social Hashtags (a7cf6766582e354e702766a86f85716127d19bdc) , Jun 16, 2026
Simple Calendar &#8211; Google Calendar Plugin (e98a6264-9c5a-417f-b2f8-bd0017b411a0) , Jun 16, 2026