Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-11-21

CVE-2022-0840 - Easy Social Icons Plugin

The Easy Social Icons WordPress plugin before 3.2.1 does not properly escape the image_file field when adding a new social icon, allowing high privileged users to inject arbitrary javascript even when the unfiltered_html capability is disallowed.

PLUGIN Easy Social Icons

CVE-2022-0840

MEDIUM CVSS 4.8 2022-04-11

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2022-0887 - Easy Social Icons Plugin

The Easy Social Icons WordPress plugin before 3.1.4 does not sanitize the selected_icons attribute to the cnss_widget before using it in an SQL statement, leading to a SQL injection vulnerability.

PLUGIN Easy Social Icons

CVE-2022-0887

HIGH CVSS 7.2 2022-04-04

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2022-0840 - Easy Social Icons Plugin

CVE-2022-0887 - Easy Social Icons Plugin

Company Links

Contact Us