Vulnerability Details CVE-2021-24987
The Social Share, Social Login and Social Comments Plugin WordPress plugin before 7.13.30 does not sanitise and escape the urls parameter in its the_champ_sharing_count AJAX action (available to both unauthenticated and authenticated users) before outputting it back in the response, leading to a Reflected Cross-Site Scripting issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.061
EPSS Ranking 90.3%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
Products affected by CVE-2021-24987
- cpe:2.3:a:heateor:super_socializer:-
- cpe:2.3:a:heateor:super_socializer:1.0.0
- cpe:2.3:a:heateor:super_socializer:1.0.1
- cpe:2.3:a:heateor:super_socializer:1.0.2
- cpe:2.3:a:heateor:super_socializer:2.0.0
- cpe:2.3:a:heateor:super_socializer:2.1.0
- cpe:2.3:a:heateor:super_socializer:2.5.0
- cpe:2.3:a:heateor:super_socializer:2.5.1
- cpe:2.3:a:heateor:super_socializer:2.5.2
- cpe:2.3:a:heateor:super_socializer:2.8.0
- cpe:2.3:a:heateor:super_socializer:2.8.1
- cpe:2.3:a:heateor:super_socializer:2.9.0
- cpe:2.3:a:heateor:super_socializer:3.4.0
- cpe:2.3:a:heateor:super_socializer:3.4.1
- cpe:2.3:a:heateor:super_socializer:3.4.2
- cpe:2.3:a:heateor:super_socializer:4.0.0
- cpe:2.3:a:heateor:super_socializer:4.0.1
- cpe:2.3:a:heateor:super_socializer:4.0.2
- cpe:2.3:a:heateor:super_socializer:4.2.0
- cpe:2.3:a:heateor:super_socializer:4.3.0
- cpe:2.3:a:heateor:super_socializer:5.0.0
- cpe:2.3:a:heateor:super_socializer:5.0.1
- cpe:2.3:a:heateor:super_socializer:5.0.2
- cpe:2.3:a:heateor:super_socializer:5.1.2
- cpe:2.3:a:heateor:super_socializer:5.2.2
- cpe:2.3:a:heateor:super_socializer:5.3.2
- cpe:2.3:a:heateor:super_socializer:5.4.2
- cpe:2.3:a:heateor:super_socializer:5.5.2
- cpe:2.3:a:heateor:super_socializer:5.8.0
- cpe:2.3:a:heateor:super_socializer:5.8.1
- cpe:2.3:a:heateor:super_socializer:6.0
- cpe:2.3:a:heateor:super_socializer:6.1
- cpe:2.3:a:heateor:super_socializer:6.2
- cpe:2.3:a:heateor:super_socializer:6.4
- cpe:2.3:a:heateor:super_socializer:6.5
- cpe:2.3:a:heateor:super_socializer:6.6
- cpe:2.3:a:heateor:super_socializer:6.6.1
- cpe:2.3:a:heateor:super_socializer:6.6.2
- cpe:2.3:a:heateor:super_socializer:6.6.3
- cpe:2.3:a:heateor:super_socializer:6.6.4
- cpe:2.3:a:heateor:super_socializer:7.0
- cpe:2.3:a:heateor:super_socializer:7.0.1
- cpe:2.3:a:heateor:super_socializer:7.1
- cpe:2.3:a:heateor:super_socializer:7.10
- cpe:2.3:a:heateor:super_socializer:7.10.1
- cpe:2.3:a:heateor:super_socializer:7.10.2
- cpe:2.3:a:heateor:super_socializer:7.10.3
- cpe:2.3:a:heateor:super_socializer:7.10.4
- cpe:2.3:a:heateor:super_socializer:7.10.5
- cpe:2.3:a:heateor:super_socializer:7.10.6
- cpe:2.3:a:heateor:super_socializer:7.11
- cpe:2.3:a:heateor:super_socializer:7.11.1
- cpe:2.3:a:heateor:super_socializer:7.11.10
- cpe:2.3:a:heateor:super_socializer:7.11.11
- cpe:2.3:a:heateor:super_socializer:7.11.12
- cpe:2.3:a:heateor:super_socializer:7.11.13
- cpe:2.3:a:heateor:super_socializer:7.11.14
- cpe:2.3:a:heateor:super_socializer:7.11.15
- cpe:2.3:a:heateor:super_socializer:7.11.16
- cpe:2.3:a:heateor:super_socializer:7.11.2
- cpe:2.3:a:heateor:super_socializer:7.11.3
- cpe:2.3:a:heateor:super_socializer:7.11.4
- cpe:2.3:a:heateor:super_socializer:7.11.5
- cpe:2.3:a:heateor:super_socializer:7.11.6
- cpe:2.3:a:heateor:super_socializer:7.11.7
- cpe:2.3:a:heateor:super_socializer:7.11.8
- cpe:2.3:a:heateor:super_socializer:7.11.9
- cpe:2.3:a:heateor:super_socializer:7.12
- cpe:2.3:a:heateor:super_socializer:7.12.1
- cpe:2.3:a:heateor:super_socializer:7.12.10
- cpe:2.3:a:heateor:super_socializer:7.12.11
- cpe:2.3:a:heateor:super_socializer:7.12.12
- cpe:2.3:a:heateor:super_socializer:7.12.13
- cpe:2.3:a:heateor:super_socializer:7.12.15
- cpe:2.3:a:heateor:super_socializer:7.12.16
- cpe:2.3:a:heateor:super_socializer:7.12.17
- cpe:2.3:a:heateor:super_socializer:7.12.18
- cpe:2.3:a:heateor:super_socializer:7.12.19
- cpe:2.3:a:heateor:super_socializer:7.12.2
- cpe:2.3:a:heateor:super_socializer:7.12.20
- cpe:2.3:a:heateor:super_socializer:7.12.21
- cpe:2.3:a:heateor:super_socializer:7.12.22
- cpe:2.3:a:heateor:super_socializer:7.12.23
- cpe:2.3:a:heateor:super_socializer:7.12.24
- cpe:2.3:a:heateor:super_socializer:7.12.25
- cpe:2.3:a:heateor:super_socializer:7.12.26
- cpe:2.3:a:heateor:super_socializer:7.12.27
- cpe:2.3:a:heateor:super_socializer:7.12.28
- cpe:2.3:a:heateor:super_socializer:7.12.29
- cpe:2.3:a:heateor:super_socializer:7.12.3
- cpe:2.3:a:heateor:super_socializer:7.12.30
- cpe:2.3:a:heateor:super_socializer:7.12.31
- cpe:2.3:a:heateor:super_socializer:7.12.32
- cpe:2.3:a:heateor:super_socializer:7.12.33
- cpe:2.3:a:heateor:super_socializer:7.12.34
- cpe:2.3:a:heateor:super_socializer:7.12.35
- cpe:2.3:a:heateor:super_socializer:7.12.36
- cpe:2.3:a:heateor:super_socializer:7.12.37
- cpe:2.3:a:heateor:super_socializer:7.12.38
- cpe:2.3:a:heateor:super_socializer:7.12.39
- cpe:2.3:a:heateor:super_socializer:7.12.4
- cpe:2.3:a:heateor:super_socializer:7.12.40
- cpe:2.3:a:heateor:super_socializer:7.12.41
- cpe:2.3:a:heateor:super_socializer:7.12.42
- cpe:2.3:a:heateor:super_socializer:7.12.43
- cpe:2.3:a:heateor:super_socializer:7.12.44
- cpe:2.3:a:heateor:super_socializer:7.12.45
- cpe:2.3:a:heateor:super_socializer:7.12.46
- cpe:2.3:a:heateor:super_socializer:7.12.47
- cpe:2.3:a:heateor:super_socializer:7.12.49
- cpe:2.3:a:heateor:super_socializer:7.12.5
- cpe:2.3:a:heateor:super_socializer:7.12.50
- cpe:2.3:a:heateor:super_socializer:7.12.6
- cpe:2.3:a:heateor:super_socializer:7.12.7
- cpe:2.3:a:heateor:super_socializer:7.12.8
- cpe:2.3:a:heateor:super_socializer:7.12.9
- cpe:2.3:a:heateor:super_socializer:7.13
- cpe:2.3:a:heateor:super_socializer:7.13.1
- cpe:2.3:a:heateor:super_socializer:7.13.10
- cpe:2.3:a:heateor:super_socializer:7.13.11
- cpe:2.3:a:heateor:super_socializer:7.13.12
- cpe:2.3:a:heateor:super_socializer:7.13.13
- cpe:2.3:a:heateor:super_socializer:7.13.14
- cpe:2.3:a:heateor:super_socializer:7.13.15
- cpe:2.3:a:heateor:super_socializer:7.13.16
- cpe:2.3:a:heateor:super_socializer:7.13.17
- cpe:2.3:a:heateor:super_socializer:7.13.18
- cpe:2.3:a:heateor:super_socializer:7.13.19
- cpe:2.3:a:heateor:super_socializer:7.13.2
- cpe:2.3:a:heateor:super_socializer:7.13.20
- cpe:2.3:a:heateor:super_socializer:7.13.21
- cpe:2.3:a:heateor:super_socializer:7.13.22
- cpe:2.3:a:heateor:super_socializer:7.13.23
- cpe:2.3:a:heateor:super_socializer:7.13.24
- cpe:2.3:a:heateor:super_socializer:7.13.25
- cpe:2.3:a:heateor:super_socializer:7.13.26
- cpe:2.3:a:heateor:super_socializer:7.13.27
- cpe:2.3:a:heateor:super_socializer:7.13.28
- cpe:2.3:a:heateor:super_socializer:7.13.29
- cpe:2.3:a:heateor:super_socializer:7.13.3
- cpe:2.3:a:heateor:super_socializer:7.13.4
- cpe:2.3:a:heateor:super_socializer:7.13.5
- cpe:2.3:a:heateor:super_socializer:7.13.6
- cpe:2.3:a:heateor:super_socializer:7.13.7
- cpe:2.3:a:heateor:super_socializer:7.13.8
- cpe:2.3:a:heateor:super_socializer:7.13.9
- cpe:2.3:a:heateor:super_socializer:7.2
- cpe:2.3:a:heateor:super_socializer:7.2.1
- cpe:2.3:a:heateor:super_socializer:7.4.1
- cpe:2.3:a:heateor:super_socializer:7.4.2
- cpe:2.3:a:heateor:super_socializer:7.5.2
- cpe:2.3:a:heateor:super_socializer:7.5.3
- cpe:2.3:a:heateor:super_socializer:7.5.4
- cpe:2.3:a:heateor:super_socializer:7.5.5
- cpe:2.3:a:heateor:super_socializer:7.5.6
- cpe:2.3:a:heateor:super_socializer:7.6
- cpe:2.3:a:heateor:super_socializer:7.7
- cpe:2.3:a:heateor:super_socializer:7.7.1
- cpe:2.3:a:heateor:super_socializer:7.7.2
- cpe:2.3:a:heateor:super_socializer:7.7.3
- cpe:2.3:a:heateor:super_socializer:7.7.4
- cpe:2.3:a:heateor:super_socializer:7.7.5
- cpe:2.3:a:heateor:super_socializer:7.7.6
- cpe:2.3:a:heateor:super_socializer:7.7.7
- cpe:2.3:a:heateor:super_socializer:7.7.8
- cpe:2.3:a:heateor:super_socializer:7.8
- cpe:2.3:a:heateor:super_socializer:7.8.1
- cpe:2.3:a:heateor:super_socializer:7.8.10
- cpe:2.3:a:heateor:super_socializer:7.8.11
- cpe:2.3:a:heateor:super_socializer:7.8.12
- cpe:2.3:a:heateor:super_socializer:7.8.13
- cpe:2.3:a:heateor:super_socializer:7.8.14
- cpe:2.3:a:heateor:super_socializer:7.8.15
- cpe:2.3:a:heateor:super_socializer:7.8.16
- cpe:2.3:a:heateor:super_socializer:7.8.17
- cpe:2.3:a:heateor:super_socializer:7.8.18
- cpe:2.3:a:heateor:super_socializer:7.8.19
- cpe:2.3:a:heateor:super_socializer:7.8.2
- cpe:2.3:a:heateor:super_socializer:7.8.20
- cpe:2.3:a:heateor:super_socializer:7.8.21
- cpe:2.3:a:heateor:super_socializer:7.8.22
- cpe:2.3:a:heateor:super_socializer:7.8.23
- cpe:2.3:a:heateor:super_socializer:7.8.24
- cpe:2.3:a:heateor:super_socializer:7.8.3
- cpe:2.3:a:heateor:super_socializer:7.8.4
- cpe:2.3:a:heateor:super_socializer:7.8.5
- cpe:2.3:a:heateor:super_socializer:7.8.6
- cpe:2.3:a:heateor:super_socializer:7.8.7
- cpe:2.3:a:heateor:super_socializer:7.8.8
- cpe:2.3:a:heateor:super_socializer:7.8.9
- cpe:2.3:a:heateor:super_socializer:7.9
- cpe:2.3:a:heateor:super_socializer:7.9.1
- cpe:2.3:a:heateor:super_socializer:7.9.2
- cpe:2.3:a:heateor:super_socializer:7.9.3
- cpe:2.3:a:heateor:super_socializer:7.9.4
- cpe:2.3:a:heateor:super_socializer:7.9.5
- cpe:2.3:a:heateor:super_socializer:7.9.6
- cpe:2.3:a:heateor:super_socializer:7.9.7