MidnightBSD

Advisories for sharebar_project

CVE-2012-6718 MEDIUM

The sharebar plugin before 1.2.2 for WordPress has XSS, a different issue than CVE-2013-3491.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-79,

Products Affected

Vendor Product Version
sharebar_project sharebar *
CVE-2012-6719 HIGH

The sharebar plugin before 1.2.2 for WordPress has SQL injection.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
sharebar_project sharebar *
CVE-2022-1626 LOW

The Sharebar WordPress plugin through 1.4.1 does not have CSRF check in place when updating its settings, which could allow attackers to make a logged in admin change them via a CSRF attack and also lead to Stored Cross-Site Scripting issue due to the lack of sanitisation and escaping in some of them

CVSS 3.x

Source Score Severity Vector Exploitability Impact
nvd@nist.gov 5.4 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N 2.3 2.7

CVSS 2.0

Severity: LOW

Problem Type: CWE-352,

Products Affected

Vendor Product Version
sharebar_project sharebar *