Vulnerabilities > CVE-2022-1418 - Unspecified vulnerability in Pluginmirror Social Stickers

CVSS 6.1 - MEDIUM

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

LOW

Integrity impact

LOW

Availability impact

NONE

network

low complexity

pluginmirror

NVD

Published: 2022-05-16

Updated: 2024-11-21

Summary

The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues.

Vulnerable Configurations

Part	Description	Count
Application	Pluginmirror Pluginmirror Social Stickers *	1

References

https://wpscan.com/vulnerability/3851e61e-f462-4259-af0a-8d832809d559
https://wpscan.com/vulnerability/3851e61e-f462-4259-af0a-8d832809d559