CVE-2025-12404

The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the likeitconf function. This makes it possible for unauthenticated attackers to update settings and inject malicious web...

CVE-2025-12404

The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the likeitconf function. This makes it possible for unauthenticated attackers to update settings and inject malicious web...

CVE-2025-12404 Like-it <= 2.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the likeitconf function. This makes it possible for unauthenticated attackers to update settings and inject malicious web...

CVE-2025-12404 Like-it <= 2.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting

The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the likeitconf function. This makes it possible for unauthenticated attackers to update settings and inject malicious web...

CVE-2025-12404

CVE-2025-12404 affects the WordPress Like-it plugin, specifically versions up to 2.2. The vulnerability arises from missing or incorrect nonce validation in the likeit_conf() function, allowing unauthenticated attackers to update settings and inject malicious web scripts via forged requests that ...

EUVD-2025-197945

The Like-it plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 2.2. This is due to missing or incorrect nonce validation on the likeitconf function. This makes it possible for unauthenticated attackers to update settings and inject malicious web...

PT-2025-47256

Name of the Vulnerable Software and Affected Versions Like-it plugin for WordPress versions prior to 2.3 Description The Like-it plugin for WordPress is susceptible to Cross-Site Request Forgery CSRF. This is caused by insufficient or incorrect nonce validation within the likeit conf function. An...

WordPress plugin Like-it 跨站请求伪造漏洞

WordPress Like-it plugin is an extension to add like-it functionality to WordPress blogs, allowing users to perform like-it operations on posts or comments. The WordPress Like-it plugin suffers from a cross-site request forgery vulnerability, which arises from a web application that does not...

WordPress Like-it plugin <= 2.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability

Cross-Site Request Forgery to Stored Cross-Site Scripting vulnerability discovered by johska in WordPress Plugin Like-it versions = 2.2...

EUVD-2025-8605

Malicious code in bioql PyPI...

CVE-2025-31443

Cross-Site Request Forgery CSRF vulnerability in Krzysztof Furtak KK I Like It kk-i-like-it allows Stored XSS.This issue affects KK I Like It: from n/a through = 1.7.5.3...

CVE-2025-31443

Cross-Site Request Forgery CSRF vulnerability in Krzysztof Furtak KK I Like It kk-i-like-it allows Stored XSS.This issue affects KK I Like It: from n/a through = 1.7.5.3...

CVE-2025-31443 WordPress KK I Like It plugin <= 1.7.5.3 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Krzysztof Furtak KK I Like It allows Stored XSS. This issue affects KK I Like It: from n/a through 1.7.5.3...

CVE-2025-31443

CVE-2025-31443 : In the WordPress plugin KK I Like It, a Cross-Site Request Forgery (CSRF) vulnerability can lead to a Stored Cross-Site Scripting (XSS) condition. Affected software is KK I Like It versions up to 1.7.5.3 (inclusive). The connected WordFence vulnerability details indicate this ent...