CVE-2022-1653

CVE-2022-1653: Social Share Buttons by Supsystic < 2.2.4 - Multiple CSRF

Vendor Unknown
Product Social Share Buttons by Supsystic
Weakness CWE-352 · CSRF
Published June 27, 2022
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

The Social Share Buttons by Supsystic WordPress plugin before 2.2.4 does not perform CSRF checks in it's ajax endpoints and admin pages, allowing an attacker to trick any logged in user to manipulate or change the plugin settings, as well as create, delete and rename projects and networks.

Key dates

02Disclosure timeline

June 27, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2025-64240 WordPress Freshchat plugin <= 2.3.4 - Cross Site Request Forgery (CSRF) vulnerability CVE-2025-8992 mtons mblog cross-site request forgery CVE-2022-20853 Cisco Expressway Series and Cisco TelePresence VCS Cross-Site Request Forgery Vulnerability CVE-2025-27904 Multiple vulnerabilities in IBM Java SDK affecting Db2 Recovery Expert for Linux, Unix and Windows CVE-2025-31814 WordPress OwnerRez Plugin <= 1.2.0 - Cross Site Request Forgery (CSRF) vulnerability