Vulnerabilities > Cybernetikz > Easy Social Icons > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-48336 | Unspecified vulnerability in Cybernetikz Easy Social Icons Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Easy Social Icons allows Stored XSS.This issue affects Easy Social Icons: from n/a through 3.2.4. | 5.4 |
| 2022-04-11 | CVE-2022-0840 | Unspecified vulnerability in Cybernetikz Easy Social Icons The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfiltered_html capability is disallowed. | 4.8 |