Full Disclosure

Reflected XSS in Social Pug – Easy Social Share Buttons could allow an attacker to do almost anything an admin user can (WordPress plugin)

Leave a comment

Posted by dxw Security on Dec 10

Details
================
Software: Social Pug – Easy Social Share Buttons
Version: 1.1.2,1.2.5
Homepage: http://wordpress.org/plugins/social-pug/
Advisory report:
https://security.dxw.com/advisories/reflected-xss-in-social-pug-easy-social-share-buttons-could-allow-an-attacker-to-do-almost-anything-an-admin-user-can/
CVE: Awaiting assignment
CVSS: 5.8 (Medium; AV:N/AC:M/Au:N/C:P/I:P/A:N)

Description
================
Reflected XSS in Social Pug…

Leave a Reply