MEDIUM
the_champ
CVE published 2026-07-08
CVE-2026-11798
The Social Share, Social Login and Social Comments Plugin – Super Socializer plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'heateor_mastodon_share' parameter in all versions up to, and including, 7.14.5. This vulnerability allows unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action suc [truncated]