cleantalk
Vulnerabilities and Security Researches

Shared Counts – Social Media Share Buttons, 06a7a225d79b3baf3dc9877f6353b722447d3baa

CVE, Research URL

06a7a225d79b3baf3dc9877f6353b722447d3baa

Home page URL

Security reports for Shared Counts – Social Media Share Buttons

Application

Shared Counts – Social Media Share Buttons

Published on
May 07, 2024
Research Description
Shared Counts &#8211; Social Media Share Buttons [shared-counts] < 1.5.0 Shared Counts – Social Media Share Buttons <= 1.4.1 - Missing Authorization to Arbitrary Email Sending The Shared Counts – Social Media Share Buttons plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on the email_ajax function. This makes it possible for unauthenticated attackers to send arbitrary emails.
Affected versions
Min -, max 1.5.0.
Status
vulnerable
Previous vulnerability researches
Shared Counts &#8211; Social Media Share Buttons (06a7a225d79b3baf3dc9877f6353b722447d3baa) , Jun 07, 2024
New vulnerability
tarteaucitron.js &#8211; Cookies legislation &amp; GDPR (CVE-2025-4955) , Jun 30, 2025
Tournament Bracket Generator (CVE-2025-6290) , Jun 29, 2025
VR Calendar (CVE-2025-5936) , Jun 29, 2025
Abandoned Contact Form 7 (CVE-2025-52817) , Jun 29, 2025
Simple Payment (CVE-2025-6688) , Jun 29, 2025