2 matches found
CVE-2020-8799
CVE-2020-8799 is a stored XSS in the WordPress plugin WTI Like Post (up to version 1.4.5) . The vulnerability arises from data submitted by an administrator being stored and subsequently executed in visitors’ browsers, enabling script execution for all site users. Documents do not specify a fix v...
CVE-2015-9466
The CVE-2015-9466 issue affects the WordPress wti-like-post plugin prior to version 1.4.3. The vulnerability is a SQL injection in the WtiLikePostProcessVote function, exploitable via HTTP header variables including HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HT...