Multiple Authenticated (subscriber or higher user role) SQL Injection (SQLi) vulnerabilities in Social Share Buttons by Supsystic plugin <= 2.2.3 at WordPress.
References
Configurations
History
26 Jul 2022, 15:19
| Type | Values Removed | Values Added |
|---|---|---|
| CPE | cpe:2.3:a:supsystic:social_share_buttons:*:*:*:*:*:wordpress:*:* | |
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.8 |
| References | (CONFIRM) https://patchstack.com/database/vulnerability/social-share-buttons-by-supsystic/wordpress-social-share-buttons-by-supsystic-plugin-2-2-3-multiple-authenticated-sql-injection-sqli-vulnerabilities - Patch, Third Party Advisory | |
| References | (CONFIRM) https://wordpress.org/plugins/social-share-buttons-by-supsystic/#developers - Third Party Advisory |
22 Jul 2022, 17:18
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-07-22 17:15
Updated : 2024-02-04 22:51
NVD link : CVE-2022-33960
Mitre link : CVE-2022-33960
CVE.ORG link : CVE-2022-33960
JSON object : View
Products Affected
supsystic
- social_share_buttons
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')