WordPress Plugin Vulnerabilities

Simple Social Buttons < 3.2.0 - Reflected Cross-Site Scripting

Description

Simple Social Buttons version 3.1.1 has a reflected Cross-Site Scripting vulnerability in the POST parameter "share_counts". Both unauthenticated and authenticated attacks are possible

Edit (WPScanTeam)
The original report stated the issue as being fixed in 3.2.0, however a CSRF nonce has been added instead of sanitisation/validation, so could still be used to attack unauthenticated users as they will all have the same nonce. A separate advisory has been created for it.

Proof of Concept

Affects Plugins

Plugin icon
simple-social-buttons
Fixed in 3.2.0

References

URL
https://packetstormsecurity.com/files/#160581/
URL
https://plugins.trac.wordpress.org/changeset/2439701/simple-social-buttons/trunk/simple-social-buttons.php

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
9.6 (critical)

Miscellaneous

Original Researcher
Mr.F
Submitter
Mr.F
Verified
Yes
WPVDB ID
b375833f-51f6-4813-86e3-55cce4609a38

Timeline

Publicly Published
2020-12-18 (about 5 years ago)
Added
2020-12-18 (about 5 years ago)
Last Updated
2020-12-19 (about 5 years ago)

Other

Published
Title
Published
2024-06-03
Title
tagDiv Composer < 4.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via button Shortcode
Published
2025-02-03
Title
Smartarget <= 1.5.3 - Subscriber+ Stored XSS
Published
2021-07-19
Title
Wonder PDF Embed < 1.7 - Contributor+ Stored XSS
Published
2024-03-26
Title
BEAR – Bulk Editor and Products Manager Professional for WooCommerce by Pluginus.Net < 1.1.4.3 - Reflected Cross-Site Scripting
Published
2025-02-22
Title
Easy Charts < 1.2.4 - Authenticated (Contributor+) Stored Cross-Site Scripting