CVE-2022-0745

The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body...

CVE-2023-40199

Cross-Site Request Forgery CSRF vulnerability in CRUDLab WP Like Button plugin = 1.7.0 versions...

EUVD-2014-1265

Malware in sbrugna...

EUVD-2012-1034

Malware in sbrugna...

EUVD-2021-11857

Malware in sbrugna...

EUVD-2023-51915

Malicious code in bioql PyPI...

EUVD-2024-40844

Malicious code in bioql PyPI...

EUVD-2023-44796

Malicious code in bioql PyPI...

CVE-2023-47820

Missing Authorization vulnerability in CRUDLab WP Like Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Like Button: from n/a through 1.7.0...

CVE-2021-24945

The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtnexportvotes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog...

CVE-2019-13344

An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. The contains function in wplikebutton.php did not check if the current request is made by an authorized user, thus allowing any...

CVE-2014-125097

A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely...

CVE-2012-10012

A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbkbttnplgnsettingspage of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be...

CVE-2024-44064

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LikeBtn Like Button Rating likebtn-like-button.This issue affects Like Button Rating: from n/a through = 2.6.53...

CVE-2023-47820

Missing Authorization vulnerability in CRUDLab WP Like Button allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WP Like Button: from n/a through 1.7.0...

WordPress plugin WP Like Button 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

CVE-2024-44064

Cross-Site Request Forgery CSRF vulnerability in LikeBtn Like Button Rating allows Cross-Site Scripting XSS.This issue affects Like Button Rating: from n/a through 2.6.54...

CVE-2024-44064

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LikeBtn Like Button Rating likebtn-like-button.This issue affects Like Button Rating: from n/a through = 2.6.53...

CVE-2024-44064

CVE-2024-44064 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin LikeBtn – Like Button Rating that also allows Cross-Site Scripting (XSS). It affects versions up to and including 2.6.54 . The connected sources consistently describe the issue as CSRF with an XSS outcome ...

PT-2024-30932 · Unknown · Like Button Rating

Name of the Vulnerable Software and Affected Versions: Like Button Rating versions through 2.6.54 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability that also allows Cross-Site Scripting XSS. Recommendations: For versions through 2.6.54, update to a version that...