Description
WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone is prone to a privilege escalation vulnerability. Exploiting this issue may allow attackers to bypass the expected capabilities check and perform otherwise restricted actions; other attacks are also possible. WordPress Plugin Simple Social Media Share Buttons-Social Sharing for Everyone versions ranging from 2.0.4 and up to (and including) 2.0.21 are vulnerable.
Remediation
Update to plugin version 2.0.22 or latest
References
https://www.webarxsecurity.com/wordpress-plugin-simple-social-buttons/
https://plugins.svn.wordpress.org/simple-social-buttons/trunk/readme.txt
Related Vulnerabilities
Jenkins Improper Restriction of Rendered UI Layers or Frames Vulnerability (CVE-2020-2105)
WordPress Plugin Email Queue by BestWebSoft Cross-Site Request Forgery (1.0.0)
PHP Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2017-7963)
IBM WebSEAL Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2017-1474)