MOABI : Continuous Software Improvement

CVE-2015-9433
Description	The wp-social-bookmarking-light plugin before 1.7.10 for WordPress has CSRF with resultant XSS via configuration parameters for Tumblr, Twitter, Facebook, etc. in wp-admin/options-general.php?page=wp-social-bookmarking-light%2Fmodules%2Fadmin.php.
Impact	CVSS v2 : 4.3 MEDIUM
Type	CWE-352
Attack Vector	CVSSv2 Vector : AV:N/AC:M/Au:N/C:N/I:P/A:N
Quick links	CVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References	http://cinu.pl/research/wp-plugins/mail_58e88633599b7b2fc0f44ce6fa7ff27d.html https://wordpress.org/plugins/wp-social-bookmarking-light/#developers https://wpvulndb.com/vulnerabilities/8252