ThreatPress

WordPress Vulnerabilities Database

WordPress Sharebar Plugin 1.2.1 - SQL Injection and Cross Site Scripting Vulnerabilities

Product
ShareBar
Description
The Sharebar plugin is prone to multiple cross-site scripting and SQL injection vulnerabilities because it fails to properly sanitize user-supplied input. An attacker can exploit these issues to steal cookie-based authentication credentials, access or modify data, compromise the application, or exploit latent vulnerabilities in the underlying database.
Solution
Update the plugin.
Classification
Type Multi
OWASP Top 10 A1: Injection
References
Exploit-DB
CVE
Name CVE-N/A
Versions
Affected In <= 1.2.1
Fixed In 1.2.2
Disclosure date
2012-05-15
Credits
Heine Pedersen