Lucene search
+L

11 matches found

EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2024-34392

Malicious code in bioql PyPI...

6.4CVSS8.9AI score0.00332EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/24 10:22 a.m.17 views

CVE-2025-7685

The Like & Share My Site plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 0.2. This is due to missing or incorrect nonce validation on the 'lsmsadmin' page. This makes it possible for unauthenticated attackers to update settings and inject...

6.1CVSS6AI score0.00117EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:26 a.m.8 views

CVE-2023-25783

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex Moss FireCask Like & Share Button plugin = 1.1.5 versions...

5.9CVSS5.6AI score0.00369EPSS
Exploits0References1
Prion
Prion
added 2023/12/26 7:15 p.m.19 views

Design/Logic Flaw

The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag...

5CVSS7.2AI score0.00456EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2023/12/26 6:33 p.m.27 views

CVE-2023-6250 BestWebSoft's Like & Share < 2.74 - Unauthenticated Password Protected Post Read

The BestWebSoft's Like & Share WordPress plugin before 2.74 discloses the content of password protected posts to unauthenticated users via a meta tag...

7.8AI score0.00456EPSS
Exploits2References1
WPVulnDB
WPVulnDB
added 2023/11/29 12:0 a.m.17 views

BestWebSoft's Like & Share < 2.74 - Unauthenticated Password Protected Post Read

Description The plugin discloses the content of password protected posts to unauthenticated users via a meta tag PoC In the web browser, view the source of any password protected post and check the og:description meta tag...

7.5CVSS6.7AI score0.00456EPSS
Exploits2Affected Software1
Prion
Prion
added 2023/05/03 11:15 a.m.14 views

Cross site scripting

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Alex Moss FireCask Like & Share Button plugin = 1.1.5 versions...

4.3CVSS4.8AI score0.00369EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/03 10:34 a.m.46 views

CVE-2023-25783

CVE-2023-25783 affects the WordPress plugin FireCask Like & Share Button (Peadig) ≤ 1.1.5. The issue is a Stored Cross-Site Scripting (XSS) that requires authentication with admin+ privileges. The vulnerability is triggered through the plugin and could potentially allow an attacker with admin+ ri...

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2023/05/03 12:0 a.m.5 views

WordPress plugin FireCask Like & Share Button 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.9CVSS6.4AI score0.00369EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2023/02/15 12:0 a.m.9 views

FireCask Like & Share Button < 1.2 - Admin+ Stored XSS

The plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.9CVSS4.8AI score0.00369EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/02/15 12:0 a.m.12 views

WordPress FireCask Like & Share Button Plugin <= 1.1.5 is vulnerable to Cross Site Scripting (XSS)

Software FireCask Like & Share Button Type Plugin Vulnerable versions = 1.1.5 Fixed in 1.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-25783 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 548935e36490 Credits Rio Darmawan...

5.9CVSS5.8AI score0.00369EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder