PT-2026-25274

Missing Authorization vulnerability in Ays Pro Popup Like box ays-facebook-popup-likebox allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Popup Like box: from n/a through = 3.7.7...

CVE-2023-4963

The WS Facebook Like Box Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ws-facebook-likebox' shortcode in versions up to, and including, 5.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

EUVD-2014-1265

Malware in sbrugna...

EUVD-2014-9339

Malware in sbrugna...

EUVD-2012-1034

Malware in sbrugna...

Trojans Embedded in .svg Files

Porn sites are hiding code in .svg files: Unpacking the attack took work because much of the JavaScript in the .svg images was heavily obscured using a custom version of "JSFuck," a technique that uses only a handful of character types to encode JavaScript into a camouflaged wall of text. Once...

CVE-2025-5439 Linksys RE6500/RE6250/RE6300/RE6350/RE7000/RE9000 verifyFacebookLike os command injection

A vulnerability was found in Linksys RE6500, RE6250, RE6300, RE6350, RE7000 and RE9000 1.0.013.001/1.0.04.001/1.0.04.002/1.1.05.003/1.2.07.001. It has been rated as critical. Affected by this issue is the function verifyFacebookLike of the file /goform/verifyFacebookLike. The manipulation of the...

Linksys多款产品 命令注入漏洞

Linksys RE6300 and others are products of Linksys, Inc.Linksys RE6300 is a wireless network signal extender.Linksys RE7000 is a wireless signal extender.Linksys RE6250 is a wireless extender. A command injection vulnerability exists in several Linksys products, which stems from the incorrect...

CVE-2014-9524

Multiple cross-site request forgery CSRF vulnerabilities in the Facebook Like Box cardoza-facebook-like-box plugin before 2.8.3 for WordPress allow remote attackers to hijack the authentication of administrators for requests that 1 change plugin settings via unspecified vectors or conduct...

CVE-2014-125097

A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely...

CVE-2012-10012

A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbkbttnplgnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be...

WordPress WS Facebook Like Box Widget Plugin <= 5.0 is vulnerable to Cross Site Scripting (XSS)

Software WS Facebook Like Box Widget Type Plugin Vulnerable versions = 5.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-4963 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 253f2e5e6627 Credits Lana Codes...

WordPress Plugin WS Facebook Like Box Widget Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

PT-2023-31275 · WordPress · Ws Facebook Like Box Widget

Name of the Vulnerable Software and Affected Versions: WS Facebook Like Box Widget for WordPress plugin versions up to, and including, 5.0 Description: The issue is related to Stored Cross-Site Scripting via the 'ws-facebook-likebox' shortcode due to insufficient input sanitization and output...

CVE-2014-125097

A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely...

Cross site scripting

A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely...

CVE-2014-125097 BestWebSoft Facebook Like Button facebook-button-plugin.php fcbkbttn_settings_page cross site scripting

A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely...

CVE-2014-125097

Affected software: WordPress plugin BestWebSoft Facebook Like Button (versions up to 2.33). Vulnerable component: fcbkbttn_settings_page in facebook-button-plugin.php. Issue: cross‑site scripting vulnerability exploitable remotely. Impact: allows user interaction required; results include potenti...

CVE-2012-10012

A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbkbttnplgnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be...

Cross site request forgery (csrf)

A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbkbttnplgnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be...