{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-5528", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "state": "PUBLISHED", "assignerShortName": "Wordfence", "dateReserved": "2025-06-03T13:46:09.631Z", "datePublished": "2025-06-07T11:17:50.548Z", "dateUpdated": "2026-04-08T17:10:59.175Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:10:59.175Z"}, "affected": [{"vendor": "heateor", "product": "Social Sharing Plugin \u2013 Sassy Social Share", "versions": [{"version": "0", "status": "affected", "lessThanOrEqual": "3.3.75", "versionType": "semver"}], "defaultStatus": "unaffected"}], "descriptions": [{"lang": "en", "value": "The Social Sharing Plugin \u2013 Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.75 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action, such as clicking on a link."}], "title": "Social Sharing Plugin \u2013 Sassy Social Share <= 3.3.75 - Reflected Cross-Site Scripting via 'heateor_mastodon_share' Parameter", "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99e922ec-d40a-47e7-a10f-d966a351d182?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/sassy-social-share/tags/3.3.75/public/class-sassy-social-share-public.php#L1481"}], "problemTypes": [{"descriptions": [{"lang": "en", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')", "cweId": "CWE-79", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"version": "3.1", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "baseScore": 6.1, "baseSeverity": "MEDIUM"}}], "credits": [{"lang": "en", "type": "finder", "value": "Naveen H N"}], "timeline": [{"time": "2025-06-03T00:00:00.000Z", "lang": "en", "value": "Discovered"}, {"time": "2025-06-04T18:17:17.000Z", "lang": "en", "value": "Vendor Notified"}, {"time": "2025-06-06T21:59:19.000Z", "lang": "en", "value": "Disclosed"}]}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-09T16:02:28.779124Z", "id": "CVE-2025-5528", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-09T16:03:46.320Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-5528", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-06-09T16:02:28.779124Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-09T16:02:42.599Z"}}], "cna": {"title": "Social Sharing Plugin \u2013 Sassy Social Share <= 3.3.75 - Reflected Cross-Site Scripting via 'heateor_mastodon_share' Parameter", "credits": [{"lang": "en", "type": "finder", "value": "Naveen H N"}], "metrics": [{"cvssV3_1": {"version": "3.1", "baseScore": 6.1, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N"}}], "affected": [{"vendor": "heateor", "product": "Social Sharing Plugin \u2013 Sassy Social Share", "versions": [{"status": "affected", "version": "0", "versionType": "semver", "lessThanOrEqual": "3.3.75"}], "defaultStatus": "unaffected"}], "timeline": [{"lang": "en", "time": "2025-06-03T00:00:00.000Z", "value": "Discovered"}, {"lang": "en", "time": "2025-06-04T18:17:17.000Z", "value": "Vendor Notified"}, {"lang": "en", "time": "2025-06-06T21:59:19.000Z", "value": "Disclosed"}], "references": [{"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99e922ec-d40a-47e7-a10f-d966a351d182?source=cve"}, {"url": "https://plugins.trac.wordpress.org/browser/sassy-social-share/tags/3.3.75/public/class-sassy-social-share-public.php#L1481"}], "descriptions": [{"lang": "en", "value": "The Social Sharing Plugin \u2013 Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.75 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action, such as clicking on a link."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "shortName": "Wordfence", "dateUpdated": "2026-04-08T17:10:59.175Z"}}}, "cveMetadata": {"cveId": "CVE-2025-5528", "state": "PUBLISHED", "dateUpdated": "2026-04-08T17:10:59.175Z", "dateReserved": "2025-06-03T13:46:09.631Z", "assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599", "datePublished": "2025-06-07T11:17:50.548Z", "assignerShortName": "Wordfence"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:heateor:sassy_social_share:*:*:*:*:*:wordpress:*:*", "matchCriteriaId": "BD20BAE2-ADE3-4B7A-A9C0-9B25DAC286A7", "versionEndExcluding": "3.3.76", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The Social Sharing Plugin \u2013 Sassy Social Share plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the heateor_mastodon_share parameter in all versions up to, and including, 3.3.75 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action, such as clicking on a link."}, {"lang": "es", "value": "El complemento Social Sharing Plugin \u2013 Sassy Social Share para WordPress es vulnerable a ataques de Cross-Site Scripting Reflejado a trav\u00e9s del par\u00e1metro heater_mastodon_share en todas las versiones hasta la 3.3.75 incluida, debido a una depuraci\u00f3n de entrada y un escape de salida insuficientes. Esto permite a atacantes no autenticados inyectar scripts web arbitrarios en p\u00e1ginas que se ejecutan si logran enga\u00f1ar al usuario para que realice una acci\u00f3n, como hacer clic en un enlace."}], "id": "CVE-2025-5528", "lastModified": "2025-07-14T17:26:28.117", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 2.7, "source": "security@wordfence.com", "type": "Primary"}]}, "published": "2025-06-07T12:15:23.157", "references": [{"source": "security@wordfence.com", "tags": ["Product"], "url": "https://plugins.trac.wordpress.org/browser/sassy-social-share/tags/3.3.75/public/class-sassy-social-share-public.php#L1481"}, {"source": "security@wordfence.com", "tags": ["Third Party Advisory"], "url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/99e922ec-d40a-47e7-a10f-d966a351d182?source=cve"}], "sourceIdentifier": "security@wordfence.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "security@wordfence.com", "type": "Primary"}]}

{}

{"analysis": {"en": {"generated_at": "2026-04-22T01:24:22.844924+00:00", "value": {"mitigation_remediation": ["Upgrade the Social Sharing Plugin \u2013 Sassy Social Share to version 3.3.76 or newer, where the heateor_mastodon_share parameter is properly sanitized and escaped.", "If an immediate update is not possible, block or remove the mastodon share feature by disabling it in the plugin settings or by filtering the heateor_mastodon_share parameter so it no longer appears in generated URLs.", "Implement additional input validation or an output\u2011escaping routine for all plugin parameters, ensuring that any externally supplied data is properly sanitized before rendering to the browser."], "summary": {"action": "Patch", "impact": "Reflected Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "All WordPress sites that use the heateor Social Sharing Plugin \u2013 Sassy Social Share versions up to and including 3.3.75 are affected. Administrators should confirm that their installation falls within the impacted version range and plan an update if necessary.", "description_and_impact": "The Social Sharing Plugin \u2013 Sassy Social Share includes a flaw where the heateor_mastodon_share parameter is not properly sanitized or escaped. This allows an unauthenticated attacker to embed malicious JavaScript that is reflected back into the page and executed in the victim\u2019s browser. Because the vulnerable code runs client\u2011side, any user who follows a crafted link can become a victim, potentially resulting in script injection, defacement, or session hijacking. The weakness aligns with CWE\u201179.", "risk_and_exploitability": "The CVSS score of 6.1 indicates a medium risk, while the EPSS score of less than 1\u202f% suggests a low likelihood of exploitation in the near term. The vulnerability is not listed in the CISA KEV catalog. The attack vector is client\u2011side and requires only that a victim opens a URL containing an unsanitized heateor_mastodon_share value, such as a link that an attacker can embed in email, social media posts or malicious sites. Successful exploitation would run arbitrary JavaScript in the victim\u2019s browser, enabling the attacker to steal credentials, redirect users, or otherwise compromise the user\u2019s session."}}}}, "created": "2026-04-22T01:30:05.235643+00:00", "updated": "2026-04-22T01:30:05.235654+00:00", "vendors": []}