Cybernetikz Easy Social Icons — known CVE vulnerabilities
Every CVE whose affected-product data names Cybernetikz Easy Social Icons, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (5)
CVE-2022-0887 — CVSS 7.2 (high): The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an…
CVE-2015-2084 — CVSS 6.8 (medium): Cross-site request forgery (CSRF) vulnerability in the Easy Social Icons plugin before 1.2.3 for WordPress allows remote attackers to…
CVE-2023-48336 — CVSS 6.5 (medium): Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in cybernetikz Easy Social Icons allows…
CVE-2021-39322 — CVSS 6.1 (medium): The Easy Social Icons plugin <= 3.0.8 for WordPress echoes out the raw value of `$_SERVER['PHP_SELF']` in its main file. On certain…
CVE-2022-0840 — CVSS 4.8 (medium): The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing…