CVE-2014-125097

Summary

A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.34 is able to address this issue. The patch is identified as b766da8fa100779409a953f0e46c2a2448cbe99c. It is recommended to upgrade the affected component. VDB-225354 is the identifier assigned to this vulnerability.

Affected Software

VendorProductVersion RangeStatus
BestWebSoftFacebook Like Button2.0affected
BestWebSoftFacebook Like Button2.1affected
BestWebSoftFacebook Like Button2.2affected
BestWebSoftFacebook Like Button2.3affected
BestWebSoftFacebook Like Button2.4affected
BestWebSoftFacebook Like Button2.5affected
BestWebSoftFacebook Like Button2.6affected
BestWebSoftFacebook Like Button2.7affected
BestWebSoftFacebook Like Button2.8affected
BestWebSoftFacebook Like Button2.9affected
BestWebSoftFacebook Like Button2.10affected
BestWebSoftFacebook Like Button2.11affected
BestWebSoftFacebook Like Button2.12affected
BestWebSoftFacebook Like Button2.13affected
BestWebSoftFacebook Like Button2.14affected
BestWebSoftFacebook Like Button2.15affected
BestWebSoftFacebook Like Button2.16affected
BestWebSoftFacebook Like Button2.17affected
BestWebSoftFacebook Like Button2.18affected
BestWebSoftFacebook Like Button2.19affected
BestWebSoftFacebook Like Button2.20affected
BestWebSoftFacebook Like Button2.21affected
BestWebSoftFacebook Like Button2.22affected
BestWebSoftFacebook Like Button2.23affected
BestWebSoftFacebook Like Button2.24affected
BestWebSoftFacebook Like Button2.25affected
BestWebSoftFacebook Like Button2.26affected
BestWebSoftFacebook Like Button2.27affected
BestWebSoftFacebook Like Button2.28affected
BestWebSoftFacebook Like Button2.29affected
BestWebSoftFacebook Like Button2.30affected
BestWebSoftFacebook Like Button2.31affected
BestWebSoftFacebook Like Button2.32affected
BestWebSoftFacebook Like Button2.33affected

Weaknesses

  • CWE-79: CWE-79 Cross Site Scripting

ADP Enrichment

CVE Program Container

Additional References

References