VYPR

Social Like Box and Page

by WordPress

CVEs (2)

  • CVE-2023-23972MedApr 6, 2023
    risk 0.38cvss 5.9epss 0.00

    Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Smplug-in Social Like Box and Page by WpDevArt plugin <= 0.8.39 versions.

  • CVE-2023-0177MedFeb 13, 2023
    risk 0.35cvss 5.4epss 0.00

    The Social Like Box and Page by WpDevArt WordPress plugin before 0.8.41 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform…