cleantalk
Vulnerabilities and Security Researches

Shared Counts – Social Media Share Buttons, 06a7a225d79b3baf3dc9877f6353b722447d3baa

CVE, Research URL

06a7a225d79b3baf3dc9877f6353b722447d3baa

Home page URL

Security reports for Shared Counts – Social Media Share Buttons

Application

Shared Counts – Social Media Share Buttons

Published on
May 07, 2024
Research Description
Shared Counts &#8211; Social Media Share Buttons [shared-counts] < 1.5.0 Shared Counts – Social Media Share Buttons <= 1.4.1 - Missing Authorization to Arbitrary Email Sending The Shared Counts – Social Media Share Buttons plugin for WordPress is vulnerable to unauthorized access to functionality due to a missing capability check on the email_ajax function. This makes it possible for unauthenticated attackers to send arbitrary emails.
Affected versions
Min -, max 1.5.0.
Status
vulnerable
Previous vulnerability researches
Shared Counts &#8211; Social Media Share Buttons (06a7a225d79b3baf3dc9877f6353b722447d3baa) , Jun 07, 2024
New vulnerability
Element Pack Elementor Addons (Header Footer, Free Template Library, Grid, Carousel, Table, Parallax Animation, Register Form, (CVE-2025-5292) , Jun 06, 2025
Newsletters (CVE-2025-4857) , Jun 06, 2025
Royal Elementor Addons and Templates (CVE-2025-3813) , Jun 06, 2025
Post Slider and Post Carousel with Post Vertical Scrolling Widget &#8211; A Responsive Post Slider (CVE-2025-4567) , Jun 06, 2025
Popup Maker &#8211; Popup for opt-ins, lead gen, &amp; more (CVE-2025-4205) , Jun 06, 2025