CVE

CVE-2021-24746

admin

CVE-2021-24746

The Social Sharing Plugin WordPress plugin before 3.3.40 does not escape the viewed post URL before outputting it back in onclick attributes when the "Enable โ€˜Moreโ€™ icon" option is enabled (which is the default setting), leading to a Reflected Cross-Site Scripting issue.

Source: CVE-2021-24746

Exit mobile version