Lucene search
K

14 matches found

RedhatCVE
RedhatCVE
added 2026/01/09 9:26 a.m.4 views

CVE-2023-4888

The Simple Like Page Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'sfp-page-plugin' shortcode in versions up to, and including, 1.5.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

6.4CVSS4.9AI score0.00566EPSS
Exploits0References1
NVD
NVD
added 2025/12/31 3:15 p.m.5 views

CVE-2025-63022

Missing Authorization vulnerability in topdevs.net Simple Like Page simple-facebook-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through = 1.5.3...

5.3CVSS0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 3:6 p.m.3 views

EUVD-2025-206042

Missing Authorization vulnerability in Illia Simple Like Page allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through 1.5.3...

5.3CVSS6.2AI score0.00176EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/12/31 3:6 p.m.23 views

CVE-2025-63022 WordPress Simple Like Page plugin <= 1.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in topdevs.net Simple Like Page simple-facebook-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through = 1.5.3...

5.3CVSS0.00176EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 3:6 p.m.3 views

CVE-2025-63022 WordPress Simple Like Page plugin <= 1.5.3 - Broken Access Control vulnerability

Missing Authorization vulnerability in topdevs.net Simple Like Page simple-facebook-plugin allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Simple Like Page: from n/a through = 1.5.3...

5.3CVSS5.9AI score0.00176EPSS
Exploits0References1
CVE
CVE
added 2025/12/31 3:6 p.m.8 views

CVE-2025-63022

CVE-2025-63022 concerns a Missing Authorization vulnerability in the Simple Like Page WordPress plugin (affected in Simple Like Page: from n/a through 1.5.3). The connected Wordfence source indicates an unauthenticated issue labeled as Missing Authorization for Simple Like Page, implying improper...

5.3CVSS5.9AI score0.00176EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 3:4 p.m.6 views

WordPress Simple Like Page plugin <= 1.5.3 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Simple Like Page versions = 1.5.3...

5.3CVSS6.8AI score0.00176EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/12/31 12:0 a.m.4 views

WordPress plugin Simple Like Page 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...

5.3CVSS6.5AI score0.00176EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-54727

Malicious code in bioql PyPI...

6.4CVSS6.4AI score0.00566EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/05/30 12:0 a.m.10 views

WordPress Simple Like Page Plugin <= 1.5.2 is vulnerable to Cross Site Scripting (XSS)

Software Simple Like Page Type Plugin Vulnerable versions = 1.5.2 Fixed in 1.5.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3583 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID d29033c851e5 Credits Krzysztof Zając Require...

6.4CVSS5.8AI score0.00276EPSS
Exploits0References3Affected Software1
Positive Technologies
Positive Technologies
added 2024/05/30 12:0 a.m.5 views

PT-2024-26755 · WordPress · Simple Like Page Plugin

Name of the Vulnerable Software and Affected Versions: The Simple Like Page Plugin for WordPress versions up to, and including, 1.5.2 Description: The issue arises from insufficient input sanitization and output escaping on user-supplied attributes in the plugin's shortcodes, allowing authenticat...

6.4CVSS6.4AI score0.00276EPSS
Exploits0References4
CVE
CVE
added 2023/11/07 11:31 a.m.76 views

CVE-2023-4888

CVE-2023-4888 affects the Simple Like Page Plugin for WordPress (v ≤ 1.5.1). It enables Stored Cross-Site Scripting via the sfp-page-plugin shortcode, allowing authenticated attackers with contributor-level permissions to inject scripts that execute in pages viewed by users. The advisory consolid...

6.4CVSS5.3AI score0.00566EPSS
Exploits0References5Affected Software1
CNNVD
CNNVD
added 2023/11/07 12:0 a.m.4 views

WordPress Plugin Simple Like Page Plugin Security Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

6.4CVSS6.4AI score0.00566EPSS
Exploits0References7
Patchstack
Patchstack
added 2023/11/07 12:0 a.m.6 views

WordPress Simple Like Page Plugin <= 1.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Simple Like Page Type Plugin Vulnerable versions = 1.5.1 Fixed in 1.5.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4888 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b392da079bc2 Credits Lana Codes Required...

6.4CVSS6AI score0.00566EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder