VYPR

Kiwi Social Share

by WordPress

Source repositories

CVEs (2)

  • CVE-2021-4362CriJun 7, 2023
    risk 0.64cvss 9.8epss 0.01

    The Kiwi Social Share plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the kiwi_social_share_get_option() function called via the kiwi_social_share_get_option AJAX action in version 2.1.0. This makes it possible for unauthenticated…

  • CVE-2025-58790MedSep 5, 2025
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in WPKube Kiwi kiwi-social-share allows Stored XSS.This issue affects Kiwi: from n/a through <= 2.1.8.