WordPress Like Button Rating <2.6.32 - Server-Side Request Forgery

WordPress Like Button Rating plugin before 2.6.32 is susceptible to server-side request forgery. An attacker can obtain sensitive information, modify data, and/or execute unauthorized operations. id: CVE-2021-24150 info: name: WordPress Like Button Rating 2.6.32 - Server-Side Request Forgery...

EUVD-2024-40844

Malicious code in bioql PyPI...

CVE-2021-24150

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF...

CVE-2024-44064

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LikeBtn Like Button Rating likebtn-like-button.This issue affects Like Button Rating: from n/a through = 2.6.53...

CVE-2024-44064

CVE-2024-44064 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin LikeBtn – Like Button Rating that also allows Cross-Site Scripting (XSS). It affects versions up to and including 2.6.54 . The connected sources consistently describe the issue as CSRF with an XSS outcome ...

CVE-2024-44064 WordPress Like Button Rating LikeBtn plugin <= 2.6.54 - Reflected Cross Site Scripting (XSS) vulnerability

Cross-Site Request Forgery CSRF vulnerability in LikeBtn Like Button Rating allows Cross-Site Scripting XSS.This issue affects Like Button Rating: from n/a through 2.6.54...

CVE-2024-44064 WordPress Like Button Rating LikeBtn plugin <= 2.6.53 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LikeBtn Like Button Rating likebtn-like-button.This issue affects Like Button Rating: from n/a through = 2.6.53...

WordPress Like Button Rating LikeBtn plugin <= 2.6.53 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Muhammad Daffa Patchstack Alliance in WordPress Plugin Like Button Rating versions = 2.6.53...

WordPress Plugin Information Disclosure Vulnerability (CNVD-2021-102800)

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . WordPress Plugins Like Button Rating LikeBtn An informati...

CVE-2021-24945

The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtnexportvotes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog...

PT-2021-16380 · WordPress · Likebtn

Name of the Vulnerable Software and Affected Versions: LikeBtn WordPress plugin versions prior to 2.6.38 Description: The issue concerns a lack of authorization and CSRF checks in the likebtn export votes AJAX action. This could allow any authenticated user, such as a subscriber, to obtain a list...

WordPress Plugins Like Button Rating LikeBtn 跨站请求伪造漏洞

WordPress is the Wordpress Foundation's set of blogging platform developed using the PHP language . The platform supports PHP and MySQL servers to set up a personal blog site.WordPress Plugin is a WordPress open source application plugin . WordPress Plugins Like Button Rating LikeBtn An informati...

CVE-2021-24150

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF...

CVE-2021-24150

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF...

Server side request forgery (ssrf)

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF...

CVE-2021-24150 Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF...

CVE-2021-24150

CVE-2021-24150 affects the WordPress Like Button Rating plugin prior to 2.6.32. The vulnerability is an unauthenticated SSRF: the plugin’s likebtn_like_button.php exposes an AJAX hook (likebtn_prx) that proxies requests, and a weak host check (only requires the string likebtn.com) allows the serv...

Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF

The LikeBtn WordPress plugin was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF. On line 7493 in likebtnlikebutton.php a hook is set to allow unauthenticated ajax calls which will call the function likebtnprx. As the name suggests, this function works as a proxy and can ...

Like Button Rating < 2.6.32 - Unauthenticated Full-Read SSRF

The LikeBtn WordPress plugin was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery SSRF. On line 7493 in likebtnlikebutton.php a hook is set to allow unauthenticated ajax calls which will call the function likebtnprx. As the name suggests, this function works as a proxy and can ...