WordPress Plugin Vulnerabilities

Shariff for WordPress <= 1.0.11 - Admin+ Stored Cross-Site Scripting

Description

The Shariff for WordPress plugin does not sanitize or escape the shariff_infourl setting before outputting it in the frontend HTML via the generateshariff() function, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).

Proof of Concept

Affects Plugins

Plugin icon
shariff-sharing
No known fix

References

CVE
CVE-2026-9677

Classification

Type
XSS
OWASP top 10
A7: Cross-Site Scripting (XSS)
CWE
CWE-79
CVSS
3.5 (low)

Miscellaneous

Original Researcher
Mustafa Ahmed
Submitter
Mustafa Ahmed
Submitter website
https://fortressmssp.com
Verified
Yes
WPVDB ID
c40298d0-42c2-406c-817a-9bbf246bbeea

Timeline

Publicly Published
2026-06-05 (about 21 days ago)
Added
2026-05-29 (about 28 days ago)
Last Updated
2026-05-29 (about 28 days ago)

Other

Published
Title
Published
2025-04-04
Title
Secure Copy Content Protection and Content Locking < 4.5.6 - Admin+ Stored XSS
Published
2023-08-17
Title
tagDiv Composer < 4.2 - Unauthenticated Stored XSS
Published
2023-02-15
Title
Quick Contact Form < 8.0.4 - Admin+ Stored XSS
Published
2022-05-31
Title
Easy Pricing Tables < 3.2.1 - Reflected Cross-Site-Scripting
Published
2022-02-03
Title
Yet Another Stars Rating < 3.0.0 - Reflected Cross-Site Scripting