VYPR

Share This Image

by WordPress

Source repositories

CVEs (9)

  • CVE-2024-47326HigOct 6, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in ILLID Share This Image share-this-image allows Reflected XSS.This issue affects Share This Image: from n/a through <= 2.01.

  • CVE-2017-18015MedJan 2, 2018
    risk 0.40cvss 6.1epss 0.01

    The ILLID Share This Image plugin before 1.04 for WordPress has XSS via the sharer.php url parameter.

  • CVE-2026-42641MedApr 29, 2026
    risk 0.35cvss 5.4epss 0.00

    Server-Side Request Forgery (SSRF) vulnerability in ILLID Share This Image share-this-image allows Server Side Request Forgery.This issue affects Share This Image: from n/a through <= 2.14.

  • CVE-2026-39563MedApr 8, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through <= 2.12.

  • CVE-2026-25010MedFeb 3, 2026
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in ILLID Share This Image share-this-image allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Share This Image: from n/a through <= 2.09.

  • CVE-2024-33930MedMay 2, 2024
    risk 0.31cvss 4.7epss 0.00

    URL Redirection to Untrusted Site ('Open Redirect') vulnerability in ILLID Share This Image.This issue affects Share This Image: from n/a through 1.97.

  • CVE-2024-8761Sep 17, 2024
    risk 0.00cvss epss 0.00

    The Share This Image plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.03. This is due to insufficient validation on the redirect url supplied via the link parameter. This makes it possible for unauthenticated attackers to redirect users…

  • CVE-2024-8363Sep 5, 2024
    risk 0.00cvss epss 0.00

    The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's STI Buttons shortcode in all versions up to, and including, 2.02 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible…

  • CVE-2024-8108Aug 31, 2024
    risk 0.00cvss epss 0.00

    The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' parameter in all versions up to, and including, 2.01 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with…