Plugin Name: Zen Sticky Social
Description: Displays Facebook and Twitter sticky squares on the bottom left side.
Author: Bogdan Dinga
Last Change: Revision 777120, checked in by bogdandinga, 2 years ago
File Size: 3.0 KB

Key Vulnerability Information:

Potential XSS Vulnerability: The plugin uses data directly without proper sanitization or validation, which could lead to Cross-Site Scripting (XSS) attacks.

Unsanitized Input: The and values are used directly in the form action without any checks, potentially allowing malicious input.

Lack of CSRF Protection: There is no evidence of a nonce or token being used to protect against Cross-Site Request Forgery (CSRF) attacks.

Direct Output of User Input: The and values are echoed directly into the HTML, which could be exploited if they contain malicious scripts.
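
The findings above map onto one hardened WordPress settings-page callback, shown here as an added example that is not the plugin's own code. The option names (`zss_facebook`, `zss_twitter`), the nonce action and field, the submit field and the page slug are hypothetical, since the page does not give the plugin's identifiers; the callback is assumed to be registered as an admin settings page.

```php
<?php
// Added example, not the plugin's code. Option names, nonce action/field,
// submit field and page slug below are hypothetical placeholders.
const ZSS_NONCE_ACTION = 'zss_save_settings';

function zss_render_settings_page() {
    // Only administrators may view or change the settings.
    if ( ! current_user_can( 'manage_options' ) ) {
        wp_die( esc_html__( 'Insufficient permissions.' ) );
    }

    if ( isset( $_POST['zss_submit'] ) ) {
        // CSRF: stops the request unless it carries a valid nonce for this action.
        check_admin_referer( ZSS_NONCE_ACTION, 'zss_nonce' );

        // Input: remove WordPress's added slashes, then sanitize before storing.
        foreach ( array( 'zss_facebook', 'zss_twitter' ) as $key ) {
            $raw = isset( $_POST[ $key ] ) ? wp_unslash( $_POST[ $key ] ) : '';
            update_option( $key, sanitize_text_field( $raw ) );
        }
    }

    // Form action: a fixed admin URL, never rebuilt from request data.
    $action = admin_url( 'options-general.php?page=zen-sticky-social' );
    $fields = array( 'zss_facebook' => 'Facebook', 'zss_twitter' => 'Twitter' );
    ?>
    <form method="post" action="<?php echo esc_url( $action ); ?>">
        <?php wp_nonce_field( ZSS_NONCE_ACTION, 'zss_nonce' ); ?>
        <?php foreach ( $fields as $key => $label ) : ?>
            <label>
                <?php echo esc_html( $label ); ?>
                <!-- Output: escape for the attribute context on every echo. -->
                <input type="text" name="<?php echo esc_attr( $key ); ?>"
                       value="<?php echo esc_attr( get_option( $key, '' ) ); ?>">
            </label>
        <?php endforeach; ?>
        <input type="submit" name="zss_submit" value="Save">
    </form>
    <?php
}
```

Wherever the stored values are later printed on the public site, the same rule applies: `esc_attr()` inside attributes, `esc_url()` for links, `esc_html()` for text nodes.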