VYPR

Scriptless Social Sharing

by WordPress

CVEs (2)

  • CVE-2025-39529MedApr 16, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Robin Cornett Scriptless Social Sharing scriptless-social-sharing allows Stored XSS.This issue affects Scriptless Social Sharing: from n/a through <= 3.3.0.

  • CVE-2023-0377MedMar 6, 2023
    risk 0.35cvss 5.4epss 0.01

    The Scriptless Social Sharing WordPress plugin before 3.2.2 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site…