VYPR

Floating Social Bar

by WordPress

Source repositories

CVEs (5)

  • CVE-2024-8790MedOct 18, 2024
    risk 0.40cvss 6.1epss 0.00

    The Social Share With Floating Bar plugin for WordPress is vulnerable to Reflected Cross-Site Scripting due to the use of add_query_arg without appropriate escaping on the URL in all versions up to, and including, 1.0.3. This makes it possible for unauthenticated attackers to…

  • CVE-2024-6405MedJun 29, 2024
    risk 0.40cvss 6.1epss 0.00

    The Floating Social Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.5. This is due to missing or incorrect nonce validation on the floating_social_buttons_option() function. This makes it possible for…

  • CVE-2025-46451MedApr 24, 2025
    risk 0.38cvss 5.9epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Syed Balkhi Floating Social Bar floating-social-bar allows Stored XSS.This issue affects Floating Social Bar: from n/a through <= 1.1.7.

  • CVE-2015-3299MedSep 19, 2017
    risk 0.33cvss 6.1epss 0.02

    Cross-site scripting (XSS) vulnerability in the Floating Social Bar plugin before 1.1.7 for WordPress allows remote attackers to inject arbitrary web script or HTML via vectors related to original service order.

  • CVE-2015-5528Jul 16, 2015
    risk 0.00cvss epss 0.02

    Cross-site scripting (XSS) vulnerability in the save_order function in class-floating-social-bar.php in the Floating Social Bar plugin before 1.1.6 for WordPress allows remote attackers to inject arbitrary web script or HTML via the items[] parameter in an fsb_save_order action…