Vulnerabilities > Inisev

DATE CVE VULNERABILITY TITLE RISK
2024-07-21 CVE-2024-37552 Cross-site Scripting vulnerability in Inisev Social Media Share Buttons & Social Sharing Icons
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Inisev Social Media & Share Icons allows Stored XSS.This issue affects Social Media & Share Icons: from n/a through 2.9.1.
network
low complexity
inisev CWE-79
5.4
5.4
2023-07-28 CVE-2023-0958 Several plugins for WordPress by Inisev are vulnerable to unauthorized installation of plugins due to a missing capability check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. 6.5
6.5
2023-07-28 CVE-2023-3977 Several plugins for WordPress by Inisev are vulnerable to Cross-Site Request Forgery to unauthorized installation of plugins due to a missing nonce check on the handle_installation function that is called via the inisev_installation AJAX aciton in various versions. 4.3
4.3
2023-04-17 CVE-2023-1331 Unspecified vulnerability in Inisev Redirection
The Redirection WordPress plugin before 1.1.5 does not have CSRF checks in the uninstall action, which could allow attackers to make logged in admins delete all the redirections through a CSRF attack.
network
low complexity
inisev
6.5
6.5
2023-04-03 CVE-2023-1330 Unspecified vulnerability in Inisev Redirection
The Redirection WordPress plugin before 1.1.4 does not add nonce verification in place when adding the redirect, which could allow attackers to add redirects via a CSRF attack.
network
low complexity
inisev
6.5
6.5