CVE-2023-49189

Summary

CVE-2023-49189 is a Cross-site Scripting (XSS) vulnerability affecting the Social Share Buttons & Analytics Plugin – GetSocial.Io, from versions n/a through 4.3.12. Attackers can exploit this Improper Neutralization of Input During Web Page Generation issue to inject malicious scripts into a targeted website, potentially stealing user data or taking control of user sessions. The vulnerability arises due to the plugin's failure to properly sanitize user-supplied input, making it susceptible to stored XSS attacks. Users of the affected plugin are advised to update as soon as a patch is released.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.