CVE-2024-51866

Name of the Vulnerable Software and Affected Versions Mr. Riponshah Social button versions n/a through 1.3

Description The issue is related to improper neutralization of input during web page generation, which allows stored cross-site scripting (XSS). This means an attacker can inject malicious scripts into the website, potentially affecting users. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited.

Recommendations For versions n/a through 1.3, update to the latest version immediately to mitigate risks. As a temporary workaround, consider restricting the use of the Social button until a patch is available.