The Social Stickers WordPress plugin through 2.2.9 does not have CSRF checks in place when updating its Social Network settings, and does not escape some of these fields, which could allow attackers to make a logged-in admin change them and lead to Stored Cross-Site Scripting issues.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: WPScan
Published: 2022-05-16T14:30:59
Updated: 2024-08-03T00:03:06.245Z
Reserved: 2022-04-20T00:00:00
Link: CVE-2022-1418
Vulnrichment
No data.
NVD
Status : Modified
Published: 2022-05-16T15:15:09.610
Modified: 2024-11-21T06:40:41.583
Link: CVE-2022-1418
Redhat
No data.