6 matches found
CVE-2025-0522
The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2025-0522
The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2025-0522 LikeBot – Decentralized like-system <= 0.85 - Admin+ Stored XSS via CSRF
The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
CVE-2025-0522 LikeBot – Decentralized like-system <= 0.85 - Admin+ Stored XSS via CSRF
The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack...
WordPress plugin LikeBot 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security...
PT-2025-5800 · WordPress · Likebot
Name of the Vulnerable Software and Affected Versions: LikeBot WordPress plugin versions 0.85 and earlier Description: The issue concerns a lack of CSRF verification and missing sanitization and escaping in certain areas, which could allow attackers to make logged-in administrators add stored XSS...