WordPress Plugin AddToAny Share Buttons Host Header Injection (1.7.14)
Description
WordPress Plugin AddToAny Share Buttons is prone to a host header injection vulnerability because it fails to properly validate an HTTP request header. A successful attack may allow attackers to insert a crafted host header to navigate the victim to the attacker's domain. WordPress Plugin AddToAny Share Buttons version 1.7.14 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.7.15 or latest