MOABI : Continuous Software Improvement

CVE-2015-9439
Description	The addthis plugin before 5.0.13 for WordPress has CSRF with resultant XSS via the wp-admin/options-general.php?page=addthis_social_widget pubid parameter.
Impact	CVSS v2 : 3.5 LOW
Type	CWE-79
Attack Vector	CVSSv2 Vector : AV:N/AC:M/Au:S/C:N/I:P/A:N
Quick links	CVE, NVD, CERT, Metasploit, Exploit-db, Fulldisc, Bugtraq, Microsoft, Red Hat, Debian, GitHub code/issues, Google
References	http://blog.cinu.pl/2015/11/php-static-code-analysis-vs-top-1000-wordpress-plugins.html https://wordpress.org/plugins/addthis/#developers https://wpvulndb.com/vulnerabilities/8246