Simple Share Buttons Adder, CVE-2024-4094

CVE, Research URL: CVE-2024-4094
Home page URL: Security reports for Simple Share Buttons Adder
Application: Simple Share Buttons Adder
Published on: Jun 18, 2024
Research Description: The Simple Share Buttons Adder WordPress plugin before 8.5.1 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
Affected versions: max 3.5.1.
Status: vulnerable