Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in WP ULike – The Ultimate Engagement Toolkit for Websites 4.7.3

  • Severity: medium-risk
  • Status: Fixed
  • Publication: September 4, 2024

A popular plugin for WordPress, called WP ULike, has a security issue that could make websites vulnerable to hackers. This issue, known as Stored Cross-Site Scripting, is due to the plugin not properly filtering and protecting the information it receives and displays. This could allow attackers with high-level access to the website to insert harmful scripts that will run whenever someone visits the affected page. This only affects certain types of WordPress installations, but it is important to update the plugin to the latest version to prevent any potential risks.

Detected in:

WP ULike – All-in-One Engagement Toolkit fixed vulnerable versions:
WP ULike – The Ultimate Engagement Toolkit for Websites fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.