CVE-2025-15377: CWE-352 Cross-Site Request Forgery (CSRF) in abage Sosh Share Buttons
The Sosh Share Buttons plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.1.0. This is due to missing nonce validation on the 'admin_page_content' function. This makes it possible for unauthenticated attackers to update the plugin's settings via a forged request, provided they can trick a site administrator into performing an action such as clicking on a link.
AI Analysis
Technical Summary
CVE-2025-15377 identifies a CSRF vulnerability in the abage Sosh Share Buttons WordPress plugin. The issue arises from the absence of nonce validation in the 'admin_page_content' function, which is responsible for handling plugin settings updates. Because of this, an attacker can craft a forged request that, when submitted by an authenticated administrator's browser (e.g., after the administrator clicks a link), modifies plugin settings without proper authorization. The vulnerability affects all versions up to and including 1.1.0. There is no evidence of known exploits in the wild, and no patch or official remediation had been published as of the available data.
Potential Impact
An attacker can cause an authenticated site administrator to unknowingly change the plugin's settings by exploiting the CSRF vulnerability. This could lead to unauthorized configuration changes, potentially impacting site behavior or security posture. However, the vulnerability does not allow direct code execution, data disclosure, or denial of service. The impact is limited to integrity of plugin settings.
Mitigation Recommendations
Patch status is not yet confirmed; check the vendor advisory for current remediation guidance. Until an official fix is released, administrators should exercise caution with links and requests related to the plugin's admin interface. General best practices such as limiting administrator access and avoiding untrusted links reduce the risk. Monitor the vendor's channels for updates or patches addressing this vulnerability.
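The defect class described above, as an added illustration that is not the Sosh Share Buttons plugin's own code: a hypothetical WordPress settings handler without a nonce check, beside the standard hardened form using the real WordPress functions check_admin_referer(), current_user_can() and wp_nonce_field(). All function, option and field names prefixed with example_ are assumed placeholders.

```php
<?php
// Added illustration (not the Sosh Share Buttons plugin's own code): a
// hypothetical settings handler showing the defect class this CVE describes
// and the standard WordPress hardening for it. Names prefixed example_ are
// placeholders, not identifiers from the plugin.

// VULNERABLE PATTERN: trusts any POST that reaches the admin page. A request
// submitted from another origin is accepted as long as the admin's session
// cookies accompany it, because nothing ties the request to a page this
// administrator actually loaded.
function example_admin_page_content_vulnerable() {
    if ( isset( $_POST['example_share_networks'] ) ) {
        update_option( 'example_share_networks', $_POST['example_share_networks'] );
    }
    example_render_settings_form( false );
}

// HARDENED PATTERN: capability check, then a nonce check bound to a specific
// action, then sanitization before the option is written.
function example_admin_page_content_hardened() {
    if ( isset( $_POST['example_share_networks'] ) ) {
        // Fail closed if the current user may not manage site options.
        if ( ! current_user_can( 'manage_options' ) ) {
            wp_die( esc_html__( 'Insufficient permissions.', 'example' ) );
        }
        // check_admin_referer() verifies the '_wpnonce' field against the
        // action name and stops with a 403 when it is missing or invalid.
        check_admin_referer( 'example_save_share_settings' );

        $clean = sanitize_text_field( wp_unslash( $_POST['example_share_networks'] ) );
        update_option( 'example_share_networks', $clean );
    }
    example_render_settings_form( true );
}

// The settings form must emit the nonce that check_admin_referer() expects;
// a form without it is exactly the state the vulnerable handler is in.
function example_render_settings_form( $with_nonce ) {
    $value = get_option( 'example_share_networks', '' );
    echo '<form method="post">';
    if ( $with_nonce ) {
        wp_nonce_field( 'example_save_share_settings' ); // adds _wpnonce and referer fields
    }
    echo '<input type="text" name="example_share_networks" value="' . esc_attr( $value ) . '">';
    submit_button();
    echo '</form>';
}
```

When auditing a plugin for this issue, look for update_option() or similar writes in admin page callbacks that are not preceded by check_admin_referer() or wp_verify_nonce() together with a capability check.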
Technical Details
- Data Version: 5.2
- Assigner Short Name: Wordfence
- Date Reserved: 2025-12-30T20:12:22.347Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69672e018330e067168f4029
Added to database: 1/14/2026, 5:47:45 AM
Last enriched: 4/9/2026, 4:56:41 PM
Last updated: 5/10/2026, 10:16:36 AM