High severity8.0NVD Advisory· Published Dec 13, 2021· Updated Jun 17, 2026
CVE-2021-24945
CVE-2021-24945
Description
The Like Button Rating ♥ LikeBtn WordPress plugin before 2.6.38 does not have any authorisation and CSRF checks in the likebtn_export_votes AJAX action, which could allow any authenticated user, such as subscriber, to get a list of email and IP addresses of people who liked content from the blog.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- WordPress/Like Button Rating ♥ LikeBtndescription
- Range: <2.6.38
Patches
Vulnerability mechanics
References
1- wpscan.com/vulnerability/d7618061-a7fa-4da4-9384-be19bc5e8548nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.