Filtered by vendor Likebtn
Subscribe
Total
2 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2021-24945 | 1 Likebtn | 1 Like Button Rating | 2022-10-25 | 6.0 MEDIUM | 8.0 HIGH |
| The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog. | |||||
| CVE-2022-0745 | 1 Likebtn | 1 Like Button Rating | 2022-06-17 | 4.0 MEDIUM | 6.5 MEDIUM |
| The Like Button Rating WordPress plugin before 2.6.45 allows any logged-in user, such as subscriber, to send arbitrary e-mails to any recipient, with any subject and body | |||||