Critical severity10.0NVD Advisory· Published Jan 17, 2024· Updated Apr 8, 2026
CVE-2021-4434
CVE-2021-4434
Description
The Social Warfare plugin for WordPress is vulnerable to Remote Code Execution in versions up to, and including, 3.5.2 via the 'swp_url' parameter. This allows attackers to execute code on the server.
Affected products
2- cpe:2.3:a:warfareplugins:social_warfare:*:*:*:*:*:wordpress:*:*Range: <3.5.3
- Range: <=3.5.2
Patches
Vulnerability mechanics
References
2- packetstormsecurity.com/files/163680/WordPress-Social-Warfare-3.5.2-Remote-Code-Execution.htmlnvdExploitThird Party AdvisoryVDB Entry
- www.wordfence.com/threat-intel/vulnerabilities/id/98cf2a10-cc53-4479-87d1-71489f6a8c51nvdThird Party Advisory
News mentions
0No linked articles in our index yet.