Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High2

Medium0

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2024-11-21

CVE-2021-24945 - Likebtn Plugin

The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog.

PLUGIN Likebtn

CVE-2021-24945

HIGH CVSS 8.0 2021-12-13

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2021-24150 - Likebtn Plugin

The LikeBtn WordPress Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.32 was vulnerable to Unauthenticated Full-Read Server-Side Request Forgery (SSRF).

PLUGIN Likebtn

CVE-2021-24150

HIGH CVSS 7.5 2021-04-05

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2021-24945 - Likebtn Plugin

CVE-2021-24150 - Likebtn Plugin

Company Links

Contact Us