VYPR

Social Locker

by Pluginops

CVEs (2)

  • CVE-2024-51858MedNov 19, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in PluginOps Social Locker social-locker-content allows Stored XSS.This issue affects Social Locker: from n/a through <= 1.1.

  • CVE-2015-9425MedSep 26, 2019
    risk 0.35cvss 5.4epss 0.01

    The social-locker plugin before 4.2.5 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=opanda-item&page=license-manager-sociallocker-next licensekey parameter.