Authenticated Stored Cross-Site Scripting (XSS)... · CVE-2021-36843 · GitHub Advisory Database · GitHub

Authenticated Stored Cross-Site Scripting (XSS)...

Moderate severity Unreviewed Published Nov 27, 2021 to the GitHub Advisory Database • Updated Feb 1, 2023

Package

No package listed— Suggest a package

Affected versions

Unknown

Patched versions

Unknown

Description

Authenticated Stored Cross-Site Scripting (XSS) vulnerability discovered in WordPress Floating Social Media Icon plugin (versions <= 4.3.5) Social Media Configuration form. Requires high role user like admin.

References

Published by the National Vulnerability Database

Nov 26, 2021

Published to the GitHub Advisory Database Nov 27, 2021

Last updated Feb 1, 2023