Lucene search
K
TechnowichWp Ulike

7 matches found

CVE
CVE
added 2023/10/24 11:6 a.m.77 views

CVE-2023-45640

CVE-2023-45640 describes a stored XSS vulnerability in the WordPress plugin WP ULike (TechnoWich) – Most Advanced WordPress Marketing Toolkit, affecting versions up to 4.6.8. The issue is exploitable by authenticated users with contributor or higher permissions and results in stored cross-site sc...

6.5CVSS5.5AI score0.00409EPSS
CVE
CVE
added 2022/11/30 12:40 p.m.70 views

CVE-2022-45842

WP ULike Plugin for WordPress (

5.3CVSS4.3AI score0.0033EPSS
CVE
CVE
added 2024/07/24 6:0 a.m.49 views

CVE-2024-6094

CVE-2024-6094 relates to the WP ULike WordPress plugin, pre-4.7.1. The issue is that the plugin does not sanitise and escape certain settings, enabling Stored Cross-Site Scripting (Stored XSS) by high-privilege users (e.g., admins), including in multisite environments where unfiltered_html is dis...

4.8CVSS5.4AI score0.00401EPSS
CVE
CVE
added 2024/09/06 6:0 a.m.49 views

CVE-2024-6792

Vulnerability context: CVE-2024-6792 affects the WP ULike WordPress plugin prior to 4.7.2.1. The issue stems from improper sanitization of user display names when rendering on public pages, which is described in Red Hat and Patchstack entries as a subscriber-level stored XSS exposure. Affected so...

3.5CVSS3.9AI score0.00355EPSS
CVE
CVE
added 2024/09/25 6:0 a.m.49 views

CVE-2024-7878

CVE-2024-7878 affects WP ULike WordPress plugin versions prior to 4.7.4. The issue is a failure to sanitise and escape certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admin) even when unfiltered_html is disallowed (including multisite setups). Red Hat and oth...

4.8CVSS4.9AI score0.00373EPSS
CVE
CVE
added 2024/11/06 6:0 a.m.49 views

CVE-2024-7879

The CVE-2024-7879 entries concern the WP ULike WordPress plugin (versions before 4.7.5) where certain settings are not properly sanitised/escaped. The Red Hat, NVD, and CVE lists describe this as a stored XSS vector that could be triggered by high-privilege users (e.g., editors) even when unfilte...

4.8CVSS4.8AI score0.00303EPSS
CVE
CVE
added 2025/05/15 8:6 p.m.36 views

CVE-2024-12770

CVE-2024-12770 affects the WP ULike WordPress plugin (versions before 4.7.6). An attacker with high privileges (e.g., admin) can trigger a Stored Cross-Site Scripting vulnerability due to unsanitized/escaped settings, even when unfiltered_html is disallowed (e.g., multisite). Impact per provided ...

4.8CVSS7.8AI score0.00315EPSS