Title: Vulnerability
Last modified: July 13, 2025

---

# Vulnerability

 *  Resolved [Celestial Petals](https://wordpress.org/support/users/celestial-petals/)
 * (@celestial-petals)
 * [11 months, 1 week ago](https://wordpress.org/support/topic/vulnerability-142/)
 * The Scriptless Social Sharing plugin for WordPress is vulnerable to Stored Cross-
   Site Scripting in versions up to, and including, 3.3.0 due to insufficient input
   sanitization and output escaping. This makes it possible for authenticated attackers,
   with contributor-level access and above, to inject arbitrary web scripts in pages
   that will execute whenever a user accesses an injected page.
 * Will there an update providing a fix for this?

Viewing 2 replies - 1 through 2 (of 2 total)

 *  [Chad Warner](https://wordpress.org/support/users/chad-warner/)
 * (@chad-warner)
 * [11 months ago](https://wordpress.org/support/topic/vulnerability-142/#post-18554322)
 * There are other support threads about this. Unfortunately, the plugin author 
   hasn’t replied for two weeks.
 * [https://wordpress.org/support/topic/3-3-0-still-vulnerable/](https://wordpress.org/support/topic/3-3-0-still-vulnerable/)
 * [https://wordpress.org/support/topic/vulnerability-found-by-wordfence-2/](https://wordpress.org/support/topic/vulnerability-found-by-wordfence-2/)
 * [https://wordpress.org/support/topic/xxs-vulnerability/](https://wordpress.org/support/topic/xxs-vulnerability/)
 *  Plugin Author [Robin Cornett](https://wordpress.org/support/users/littlerchicken/)
 * (@littlerchicken)
 * [11 months ago](https://wordpress.org/support/topic/vulnerability-142/#post-18562658)
 * My apologies for the delay. I’ve just released 3.3.1 with a confirmed fix.

Viewing 2 replies - 1 through 2 (of 2 total)

The topic ‘Vulnerability’ is closed to new replies.

 * ![](https://ps.w.org/scriptless-social-sharing/assets/icon-256x256.jpg?rev=1361689)
 * [Scriptless Social Sharing](https://wordpress.org/plugins/scriptless-social-sharing/)
 * [Frequently Asked Questions](https://wordpress.org/plugins/scriptless-social-sharing/#faq)
 * [Support Threads](https://wordpress.org/support/plugin/scriptless-social-sharing/)
 * [Active Topics](https://wordpress.org/support/plugin/scriptless-social-sharing/active/)
 * [Unresolved Topics](https://wordpress.org/support/plugin/scriptless-social-sharing/unresolved/)
 * [Reviews](https://wordpress.org/support/plugin/scriptless-social-sharing/reviews/)

## Tags

 * [xss](https://wordpress.org/support/topic-tag/xss/)

 * 3 replies
 * 3 participants
 * Last reply from: [Robin Cornett](https://wordpress.org/support/users/littlerchicken/)
 * Last activity: [11 months ago](https://wordpress.org/support/topic/vulnerability-142/#post-18562658)
 * Status: resolved