VYPR

Social Rocket

by Social Rocket

CVEs (3)

  • CVE-2024-9702MedJan 7, 2025
    risk 0.35cvss 6.4epss 0.00

    The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'socialrocket-floating' shortcode in all versions up to, and including, 1.3.4 due to insufficient input sanitization and output escaping on user…

  • CVE-2024-9697MedJan 7, 2025
    risk 0.27cvss 5.3epss 0.00

    The Social Rocket – Social Sharing Plugin plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the tweet_settings_save() and tweet_settings_update() functions in all versions up to, and including, 1.3.4. This makes it…

  • CVE-2024-37258Jul 22, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Social Rocket allows Reflected XSS.This issue affects Social Rocket: from n/a through 1.3.3.