Vulnerabilities > Supsystic > Social Share Buttons > 1.8.5

DATE CVE VULNERABILITY TITLE RISK
2022-07-22 CVE-2022-27235 Unspecified vulnerability in Supsystic Social Share Buttons
Multiple Broken Access Control vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.
network
low complexity
supsystic
8.8
8.8
2022-06-27 CVE-2022-1653 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Social Share Buttons
The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in it's ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks.
network
supsystic CWE-352
4.3
4.3
2022-06-02 CVE-2021-36890 Cross-Site Request Forgery (CSRF) vulnerability in Supsystic Social Share Buttons
Cross-Site Request Forgery (CSRF) vulnerability in Social Share Buttons by Supsystic plugin <= 2.2.2 at WordPress.
network
supsystic CWE-352
4.3
4.3