Simple Share Buttons Adder < 8.5.1 – Admin+ Stored XSS | CVE 2024-4094 | Plugin Vulnerabilities

Description

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed

Proof of Concept

1. Go to the plugin settings
2. In the "Additional CSS" field, enter the payload `</style><img src=x onerror=alert(/XSS/)>`
3. Save settings and see the XSS when the page reloads

Affects Plugins

simple-share-buttons-adder

Fixed in 8.5.1

References

CVE

URL

https://research.cleantalk.org/cve-2024-4094

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CVSS

Miscellaneous

Original Researcher

Dmitrii Ignatyev

Submitter

Dmitrii Ignatyev

Submitter website

https://research.cleantalk.org

Verified

Yes

WPVDB ID

04b2feba-e009-4fce-8539-5dfdb4300433

Timeline

Publicly Published

2024-05-28 (about 1 year ago)

Added

2024-05-28 (about 1 year ago)

Last Updated

2024-05-28 (about 1 year ago)

Other

Published

Title

Published

2025-11-26

Title

Unlimited Elements For Elementor and Unlimited Elements For Elementor (Premium) < 2.0.1 - Unauthenticated Stored Cross-Site Scripting via SVG File Upload

Published

2020-12-04

Title

Themify Portfolio Post < 1.1.6 - Authenticated Stored Cross-Site Scripting

Published

2024-02-06

Title

Timeline Widget For Elementor (Elementor Timeline, Vertical & Horizontal Timeline) < 1.5.4 - Authenticated (Contributor+) Stored Cross-Site Scripting

Published

2024-12-17

Title

odPhotogallery <= 0.5.3 - Reflected Cross-Site Scripting

Published

2022-04-11

Title

Adrotate < 5.8.23 - Admin+ XSS via Advert Name