Vulnerabilities > Warfareplugins

DATE	CVE	VULNERABILITY TITLE	RISK
2024-01-17	CVE-2021-4434	Unspecified vulnerability in Warfareplugins Social Warfare The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. network low complexity warfareplugins critical	9.8
2023-11-07	CVE-2023-4842	Cross-site Scripting vulnerability in Warfareplugins Social Warfare The Social Sharing Plugin - Social Warfare plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'social_warfare' shortcode in versions up to, and including, 4.4.3 due to insufficient input sanitization and output escaping on user supplied attributes. network low complexity warfareplugins CWE-79	5.4
2023-01-19	CVE-2023-0402	Unspecified vulnerability in Warfareplugins Social Warfare The Social Warfare plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on several AJAX actions in versions up to, and including, 4.3.0. network low complexity warfareplugins	5.4
2023-01-19	CVE-2023-0403	Unspecified vulnerability in Warfareplugins Social Warfare The Social Warfare plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 4.4.0. network low complexity warfareplugins	5.4
2019-03-24	CVE-2019-9978	Cross-site Scripting vulnerability in Warfareplugins Social Warfare and Social Warfare PRO The social-warfare plugin before 3.5.3 for WordPress has stored XSS via the wp-admin/admin-post.php?swp_debug=load_options swp_url parameter, as exploited in the wild in March 2019. network warfareplugins CWE-79	4.3

Vulnerabilities > Warfareplugins {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Warfareplugins"}]}

Vulnerabilities > Warfareplugins