Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WP ULike – Most Advanced WordPress Marketing Toolkit 4.6.8

  • Severity: medium-risk
  • Status: Fixed
  • Publication: October 12, 2023

The WP ULike plugin for WordPress is not secure in versions up to 4.6.8. This means that someone with a contributor-level account or higher can add malicious web scripts to pages which will run every time someone visits the page. This is due to the plugin not properly filtering and protecting input and output.

Detected in:

WP ULike – All-in-One Engagement Toolkit fixed vulnerable versions:
WP ULike – Most Advanced Marketing Toolkit fixed vulnerable versions:
WP ULike – Most Advanced WordPress Marketing Toolkit fixed vulnerable versions: >= * <= 4.6.8
WP ULike – The Ultimate Engagement Toolkit for Websites fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.