ThreatPress

WordPress Vulnerability Database

Back

WordPress Like Button Rating plugin <= 2.6.31 - Unauthenticated Server-Side Request Forgery (SSRF) vulnerability

Product
Like Button Rating
Description
Unauthenticated Server-Side Request Forgery (SSRF) vulnerability found by Lauritz Holme in WordPress Like Button Rating plugin (versions <= 2.6.31).
Solution
Update the WordPress Like Button Rating plugin to the latest available version (at least 2.6.32).
Classification
Type Server Side Request Forgery (SSRF)
References
Vulnerability details
Plugin changelog
CVE
Name CVE-N/A
Versions
Affected In <= 2.6.31
Fixed In 2.6.32
Disclosure date
2021-02-06
Credits
Lauritz Holme