The vulnerability exists due to lack of proper validation of user input by the plugin. An attacker can leverage this vulnerability to perform cross-site scripting attacks. The plugin user input can be injected into another site on the same server or on a different server. It is recommended that the vendor upgrade their plugin to a fixed version.

2.7 Medium Vulnerable

The WordPress Social Media Follow Buttons Bar plugin v4.73 or earlier is vulnerable to Stored Cross-Site Scripting (XSS) vulnerability.

An attacker can leverage this vulnerability to inject malicious script code into another site on the same server or on a different server. It is recommended that the vendor upgrade their plugin to a fixed version.

Incorrect Validation of User Input in Social Media Follow Buttons Bar plugin v4.73 or earlier allows the attacker to inject malicious script code into another site on the same server or on a different server.

Impact of Sysadmin Attack An attacker can leverage this vulnerability to conduct a stored cross-site scripting attack. An attacker can inject malicious script code into another site on the same server or on a different server.

CVE Reference Exploits Vulnerable Software Reference Links 1. Incorrect Validation of User Input in Social Media Follow Buttons Bar plugin v4.73 or earlier allows the attacker to inject malicious script code into another site on the same server or on a different server.
A stored cross-site scripting attack can result

2

.7 Medium Vulnerable

References ^^

Vulnerable Software Reference Links 1. Incorrect Validation of User Input in Social Media Follow Buttons Bar plugin v4.73 or earlier allows the attacker to inject malicious script code into another site on the same server or on a different server.
A stored cross-site scripting attack can result

Timeline

Published on: 09/30/2022 17:15:00 UTC
Last modified on: 10/04/2022 13:02:00 UTC

References