WordPress Plugin Vulnerabilities

Cardoza Facebook Like Box < 2.8.3 - Multiple CSRF

Description

The Easy Social Like Box – Popup – Sidebar Widget WordPress plugin was affected by a Multiple CSRF security vulnerability.

Affects Plugins

Plugin icon
cardoza-facebook-like-box
Fixed in 2.8.3

References

CVE
CVE-2014-9524
URL
https://packetstormsecurity.com/files/#129506/

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Verified
No
WPVDB ID
120ee668-32d8-4f6d-aaae-d6c26873d5e1

Timeline

Publicly Published
2014-12-12 (about 11 years ago)
Added
2019-08-21 (about 6 years ago)
Last Updated
2019-11-27 (about 6 years ago)

Other

Published
Title
Published
2023-08-21
Title
Lock User Account < 1.0.4 - Arbitrary Account Lock/Unlock via CSRF
Published
2024-06-05
Title
Offload Videos – Bunny.net, AWS S3 <= 1.0.1 Subscriber+ CSRF
Published
2025-05-16
Title
Import Export For WooCommerce <= 1.6.2 - Cross-Site Request Forgery to Stored Cross-Site Scripting
Published
2023-02-28
Title
Ever Compare < 1.2.4 - Arbitrary Plugin Activation via CSRF
Published
2023-06-03
Title
WPC Smart Wishlist for WooCommerce < 4.7.2 - Add/Remove Wishlist Items via CSRF