Catchsquare
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2025-57981 | Med | 0.42 | 6.5 | 0.00 | Sep 22, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3.1. | ||
| CVE-2025-49306 | Med | 0.42 | 6.5 | 0.00 | Jun 6, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3. | ||
| CVE-2025-30610 | Med | 0.42 | 6.5 | 0.00 | Mar 24, 2025 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.2.7. | ||
| CVE-2024-27189 | Med | 0.42 | 6.5 | 0.00 | Mar 15, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5. | ||
| CVE-2023-0074 | 0.00 | — | 0.01 | Jan 30, 2023 | The WP Social Widget WordPress plugin before 2.2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site… |
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3.1.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.3.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget wp-social-widget allows Stored XSS.This issue affects WP Social Widget: from n/a through <= 2.2.7.
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in catchsquare WP Social Widget allows Stored XSS.This issue affects WP Social Widget: from n/a through 2.2.5.
- CVE-2023-0074Jan 30, 2023risk 0.00cvss —epss 0.01
The WP Social Widget WordPress plugin before 2.2.4 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site…