23 matches found
CVE-2022-0745
The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...
EUVD-2024-40844
Malicious code in bioql PyPI...
CVE-2021-24945
The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog...
CVE-2024-44064
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LikeBtn Like Button Rating (likebtn-like-button). This issue affects Like Button Rating: from n/a through <= 2.6.53...
CVE-2024-44064
Cross-Site Request Forgery (CSRF) vulnerability in LikeBtn Like Button Rating allows Cross-Site Scripting (XSS). This issue affects Like Button Rating: from n/a through 2.6.54...
CVE-2024-44064
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in LikeBtn Like Button Rating (likebtn-like-button). This issue affects Like Button Rating: from n/a through <= 2.6.53...
CVE-2024-44064
CVE-2024-44064 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin LikeBtn – Like Button Rating that also allows Cross-Site Scripting (XSS). It affects versions up to and including 2.6.54. The connected sources consistently describe the issue as CSRF with an XSS outcome ...
PT-2024-30932 · Unknown · Like Button Rating
Name of the Vulnerable Software and Affected Versions: Like Button Rating versions through 2.6.54. Description: The issue is related to a Cross-Site Request Forgery (CSRF) vulnerability that also allows Cross-Site Scripting (XSS). Recommendations: For versions through 2.6.54, update to a version that...
WordPress Like Button Rating LikeBtn plugin <= 2.6.53 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting (XSS) vulnerability discovered by Muhammad Daffa (Patchstack Alliance) in WordPress Plugin Like Button Rating (versions <= 2.6.53)...
WordPress Like Button Rating Plugin <= 2.6.53 is vulnerable to Cross Site Request Forgery (CSRF)
Software: Like Button Rating; Type: Plugin; Vulnerable versions: <= 2.6.53; Fixed in: 2.6.54; OWASP Top 10: A3: Injection; Classification: Cross Site Request Forgery (CSRF); CVE: CVE-2024-44064; Patch priority: Low; CVSS severity: Low (7.1); PSID: 604b9cb063a6; Credits: Muhammad Daffa; Required...
CVE-2022-0745
The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...
CVE-2022-0745
The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...
Information disclosure
The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...
CVE-2022-0745
CVE-2022-0745 affects the WordPress plugin “Like Button Rating” (LikeBtn). Connected documents confirm that versions prior to 2.6.45 allow any logged-in user (e.g., a subscriber) to send arbitrary emails to any recipient with arbitrary subject and body, via the plugin’s exposed functionality (e.g...
WordPress plugin Like Button Rating security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. An access control error...
WordPress Like Button Rating LikeBtn plugin <= 2.6.44 - Arbitrary e-mail Sending vulnerability
Arbitrary e-mail Sending vulnerability discovered by Krzysztof Zając in WordPress Like Button Rating LikeBtn plugin (versions <= 2.6.44). Solution: Update the WordPress Like Button Rating LikeBtn plugin to the latest available version (at least 2.6.45)...
WordPress Plugin Information Disclosure Vulnerability (CNVD-2021-102800)
WordPress is the WordPress Foundation's blogging platform, developed using the PHP language. The platform supports setting up a personal blog site on PHP and MySQL servers. WordPress Plugin is a WordPress open source application plugin. WordPress Plugins Like Button Rating LikeBtn An informati...
Cross site request forgery (CSRF)
The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog...
CVE-2021-24945 Like Button Rating < 2.6.38 - Unauthorised Vote Export to Email & IP Addresses Disclosure
The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog...
CVE-2021-24945
The WordPress Like Button Rating LikeBtn plugin (versions before 2.6.38) has an authorization/CSRF weakness in the likebtn_export_votes AJAX action. This flaw allows any authenticated user (e.g., a subscriber) to retrieve a list of emails and IP addresses of users who liked content. Root cause: l...