VYPR

Social Icons Widget & Block

by Wpzoom

CVEs (3)

  • CVE-2024-2189MedMay 21, 2024
    risk 0.40cvss 6.1epss 0.00

    The Social Icons Widget & Block by WPZOOM WordPress plugin before 4.2.18 does not sanitise and escape some of its Widget settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is…

  • CVE-2024-30464MedJun 9, 2024
    risk 0.35cvss 5.4epss 0.02

    Missing Authorization vulnerability in WPZOOM Social Icons Widget & Block by WPZOOM.This issue affects Social Icons Widget & Block by WPZOOM: from n/a through 4.2.15.

  • CVE-2026-4063MedMar 13, 2026
    risk 0.28cvss 4.3epss 0.00

    The Social Icons Widget & Block by WPZOOM plugin for WordPress is vulnerable to unauthorized data modification due to a missing capability check in the add_menu_item() method hooked to admin_menu in all versions up to, and including, 4.5.8. This is due to the method performing…