Filtered by vendor Share This Image Project Subscriptions
Filtered by product Share This Image Subscriptions
Total 2 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2024-8761 2 Share This Image Project, Wp-unit 2 Share This Image, Share This Image 2024-09-27 7.2 High
The Share This Image plugin for WordPress is vulnerable to Open Redirect in all versions up to, and including, 2.03. This is due to insufficient validation on the redirect url supplied via the link parameter. This makes it possible for unauthenticated attackers to redirect users to potentially malicious sites if they can successfully trick them into performing an action.
CVE-2024-8108 1 Share This Image Project 1 Share This Image 2024-09-19 6.4 Medium
The Share This Image plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alignment' parameter in all versions up to, and including, 2.01 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.