VYPR

Simple Social Media Share Buttons

by WordPress

CVEs (7)

  • CVE-2026-34904HigApr 7, 2026
    risk 0.42cvss 7.5epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in Analytify Simple Social Media Share Buttons allows Cross Site Request Forgery.This issue affects Simple Social Media Share Buttons: from n/a through 6.2.0.

  • CVE-2024-2118MedApr 17, 2024
    risk 0.38cvss 5.9epss 0.00

    The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.8.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is…

  • CVE-2021-24486MedAug 23, 2021
    risk 0.35cvss 5.4epss 0.01

    The Simple Social Media Share Buttons – Social Sharing for Everyone WordPress plugin before 3.2.3 did not escape the align and like_button_size parameters of its SSB shortcode, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting…

  • CVE-2023-5845MedNov 27, 2023
    risk 0.34cvss 5.3epss 0.01

    The Simple Social Media Share Buttons WordPress plugin before 5.1.1 leaks password-protected post content to unauthenticated visitors in some meta tags

  • CVE-2024-10362MedMay 15, 2025
    risk 0.31cvss 4.8epss 0.00

    The Social Media Share Buttons & Social Sharing Icons WordPress plugin before 2.9.1 does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is…

  • CVE-2024-13610MedApr 15, 2025
    risk 0.31cvss 4.8epss 0.00

    The Simple Social Media Share Buttons WordPress plugin before 6.0.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for…

  • CVE-2021-24656MedOct 11, 2021
    risk 0.31cvss 4.8epss 0.01

    The Simple Social Media Share Buttons WordPress plugin before 3.2.4 does not escape the Share Title settings before outputting it in the frontend pages or posts (depending on the settings used), allowing high privilege users to perform Cross-Site Scripting attacks even when the…