Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in Hubbub Lite – Fast, Reliable Social Sharing Buttons 1.33.1

  • Severity: high-risk
  • Status: Fixed
  • Publication: March 27, 2024

A popular plugin for WordPress called “Hubbub Lite” has a security issue that allows attackers to inject harmful code. This can happen if the plugin receives untrusted information through a function called ‘dpsp_maybe_unserialize’. The vulnerability exists in all versions up to 1.33.1 and can only be exploited by users with contributor access or higher. However, if the target system has other plugins or themes that contain a specific code, the attacker may be able to delete files, access private information, or run their own code.

Detected in:

Hubbub Lite – Fast Social Share & Follow Buttons + Audience Growth Plugin fixed vulnerable versions:
Hubbub Lite – Fast, free social sharing and follow buttons fixed vulnerable versions:
Hubbub Lite – Fast, Reliable Social Sharing Buttons fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.