VYPR

Wti Like Post

by WordPress

CVEs (3)

  • CVE-2015-9466CriOct 10, 2019
    risk 0.64cvss 9.8epss 0.02

    The wti-like-post plugin before 1.4.3 for WordPress has WtiLikePostProcessVote SQL injection via the HTTP_CLIENT_IP, HTTP_X_FORWARDED_FOR, HTTP_X_FORWARDED, HTTP_FORWARDED_FOR, or HTTP_FORWARDED variable.

  • CVE-2024-33917MedMay 17, 2024
    risk 0.34cvss 5.3epss 0.00

    Authentication Bypass by Spoofing vulnerability in webtechideas WTI Like Post allows Functionality Bypass.This issue affects WTI Like Post: from n/a through 1.4.6.

  • CVE-2020-8799MedMay 5, 2020
    risk 0.31cvss 4.8epss 0.01

    A Stored XSS vulnerability has been found in the administration page of the WTI Like Post plugin through 1.4.5 for WordPress. Once the administrator has submitted the data, the script stored is executed for all the users visiting the website.