Vulnerability: 2 Click Socialmedia Buttons < 0.34 - Cross-Site Scripting

A cross-site scripting vulnerability in libs/xing.php in the 2 Click Social Media Buttons plugin before 0.34 for WordPress allows remote attackers to inject arbitrary web script or HTML via the xing-url parameter.

Impact

Allows attackers to inject malicious scripts into web pages viewed by users, potentially leading to session hijacking, defacement, or theft of sensitive information.

Severity

medium

Verified

Unknown