Exploit for #VU18052 Cross-site scripting in WordPress Social Sharing Plugin - Social Warfare

Vulnerability identifier: #VU18052

Vulnerability risk: High

CVSSv4.0: 6.9 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:A/U:Amber]

CVE-ID: CVE-2019-9978

CWE-ID: CWE-79

Exploitation vector: Network

Exploits in database: 4

• August 21, 2023
  • CVE-2019-9978-Python3 (python3 version of the CVE-2019-9978 exploit) [Github]
• March 2, 2023
  • CVE-2019-9978_Exploit (Social WarFare Plugin (<=3.5.2) Remote Code Execution) [Github]
• November 15, 2022
  • CVE-2019-9978_Exploit (Social WarFare Plugin (<=3.5.2) Remote Code Execution) [Github]
• June 17, 2021
  • Wordpress Plugin Social Warfare < 3.5.3 - Remote Code Execution [Exploit-DB]

Vulnerable software:
WordPress Social Sharing Plugin - Social Warfare
Web applications / Modules and components for CMS

Vendor: Warfare Plugins