The Easy Social Icons plugin for WordPress has a security vulnerability that lets someone with malicious intent insert bad code into the website. This plugin version 3.0.8 and below makes it possible for this to happen by displaying the code that was sent in the request path. This type of attack is called a reflected Cross-Site Scripting attack.
This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!
Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:
> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
Is this information incorrect? Please leave us a message.
