Vulnerabilities > Wpulike > WP Ulike

DATE CVE VULNERABILITY TITLE RISK
2025-01-15 CVE-2025-22738 Cross-site Scripting vulnerability in Wpulike WP Ulike
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in TechnoWich WP ULike allows Stored XSS.This issue affects WP ULike: from n/a through 4.7.6.
network
low complexity
wpulike CWE-79
4.8
4.8
2024-10-16 CVE-2024-9649 Cross-Site Request Forgery (CSRF) vulnerability in Wpulike WP Ulike
The WP ULike – The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 4.7.4.
network
low complexity
wpulike CWE-352
4.3
4.3
2024-05-02 CVE-2024-1572 Unspecified vulnerability in Wpulike WP Ulike
The WP ULike plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_ulike' shortcode in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping on the user supplied 'wrapper_class' attribute.
network
low complexity
wpulike
5.4
5.4
2024-05-02 CVE-2024-1759 Unspecified vulnerability in Wpulike WP Ulike
The WP ULike – Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via a user's display name in all versions up to, and including, 4.6.9 due to insufficient input sanitization and output escaping.
network
low complexity
wpulike
5.4
5.4