Browse all 7 CVE security advisories affecting WarfarePlugins. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Warfareplugins develops WordPress security plugins focused on protecting websites from common web threats. Historically, their products have been vulnerable to multiple remote code execution (RCE) and cross-site scripting (XSS) flaws, often stemming from insufficient input validation and improper privilege handling. The company has accumulated seven CVEs, with several critical vulnerabilities allowing attackers to execute arbitrary code or escalate privileges. While no major public security incidents have been documented, the consistent pattern of vulnerabilities in their plugins suggests ongoing challenges in secure coding practices. Users should implement additional security layers and maintain regular updates to mitigate potential risks when using these tools.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-6297 | Several WordPress.org Plugins <= Various Versions - Injected Backdoor — Social Sharing Plugin – Social Warfare | 10.0 | Critical | 2024-06-25 |
| CVE-2024-1959 | Social Sharing Plugin – Social Warfare <= 4.4.6.1 - Authenticated(Contributor+) Stored Cross-Site Scripting via Shortcode — Social Sharing Plugin – Social WarfareCWE-79 | 6.4 | Medium | 2024-05-02 |
| CVE-2021-4434 | Social Warfare <= 3.5.2 - Remote Code Execution — Social Sharing Plugin – Social WarfareCWE-94 | 10.0 | Critical | 2024-01-17 |
| CVE-2023-4842 | Social Sharing Plugin - Social Warfare <= 4.4.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode — Social Sharing Plugin – Social WarfareCWE-79 | 6.4 | Medium | 2023-11-07 |
| CVE-2023-0403 | Social Warfare <= 4.3.1 - Cross-Site Request Forgery — Social Sharing Plugin – Social WarfareCWE-352 | 5.4 | Medium | 2023-01-19 |
| CVE-2023-0402 | Social Warfare <= 4.3.0 - Missing Authorization — Social Sharing Plugin – Social WarfareCWE-862 | 5.4 | Medium | 2023-01-19 |
This page lists every published CVE security advisory associated with WarfarePlugins. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.