5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.1%
A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The patch is named 33144ae5a45ed07efe7fceca901d91365fdbf7cb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225355.
Vendor | Product | Version | CPE |
---|---|---|---|
bestwebsoft | facebook_button | 2.0 | cpe:2.3:a:bestwebsoft:facebook_button:2.0:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.1 | cpe:2.3:a:bestwebsoft:facebook_button:2.1:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.2 | cpe:2.3:a:bestwebsoft:facebook_button:2.2:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.3 | cpe:2.3:a:bestwebsoft:facebook_button:2.3:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.4 | cpe:2.3:a:bestwebsoft:facebook_button:2.4:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.5 | cpe:2.3:a:bestwebsoft:facebook_button:2.5:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.6 | cpe:2.3:a:bestwebsoft:facebook_button:2.6:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.7 | cpe:2.3:a:bestwebsoft:facebook_button:2.7:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.8 | cpe:2.3:a:bestwebsoft:facebook_button:2.8:*:*:*:*:*:*:* |
bestwebsoft | facebook_button | 2.9 | cpe:2.3:a:bestwebsoft:facebook_button:2.9:*:*:*:*:*:*:* |
[
{
"vendor": "BestWebSoft",
"product": "Facebook Like Button",
"versions": [
{
"version": "2.0",
"status": "affected"
},
{
"version": "2.1",
"status": "affected"
},
{
"version": "2.2",
"status": "affected"
},
{
"version": "2.3",
"status": "affected"
},
{
"version": "2.4",
"status": "affected"
},
{
"version": "2.5",
"status": "affected"
},
{
"version": "2.6",
"status": "affected"
},
{
"version": "2.7",
"status": "affected"
},
{
"version": "2.8",
"status": "affected"
},
{
"version": "2.9",
"status": "affected"
},
{
"version": "2.10",
"status": "affected"
},
{
"version": "2.11",
"status": "affected"
},
{
"version": "2.12",
"status": "affected"
},
{
"version": "2.13",
"status": "affected"
}
]
}
]
More
5 Medium
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:L/Au:N/C:N/I:P/A:N
8.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
8.6 High
AI Score
Confidence
High
0.001 Low
EPSS
Percentile
50.1%