CVE-2023-5070 (social_media_share_buttons_&_social_sharing_icons)

The Social Media Share Buttons & Social Sharing Icons plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 2.8.5 via the sfsi_save_export function. This can allow subscribers to export plugin settings that include social media authentication tokens and secrets as well as app passwords.

amp app authentication cve export exposure function information media passwords plugin secrets sensitive sensitive information settings share sharing social social media subscribers tokens vulnerable wordpress