CVE-2022-1717

CVE-2022-1717: Custom Share Buttons with Floating Sidebar < 4.2 - Admin+ Stored XSS

Vendor Unknown
Product Custom Share Buttons with Floating Sidebar
Weakness CWE-79 · XSS
Published June 20, 2022
Last update August 3, 2024
View on NVD All CVEs

CVSS base score

What the vulnerability does

01Description

The Custom Share Buttons with Floating Sidebar WordPress plugin before 4.2 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks when the unfiltered_html capability is disallowed

Key dates

02Disclosure timeline

June 20, 2022 CVE published
August 3, 2024 Record updated

Related vulnerabilities

04Related CVE

CVE-2024-43920 WordPress Gutenverse – Gutenberg Blocks – Page Builder for Site Editor plugin <= 1.9.4 - Cross Site Scripting (XSS) vulnerability CVE-2025-4417 AVEVA PI Connector for CygNet Cross-site Scripting CVE-2026-29177 Craft Commerce has Stored XSS in Craft Commerce Order Details Slideout CVE-2023-3969 GZ Scripts Availability Booking Calendar PHP HTTP POST Request index.php cross site scripting CVE-2024-37512 WordPress NEX-Forms – Ultimate Form Builder plugin <= 8.5.10 - Cross Site Scripting (XSS) vulnerability