CVE-2014-125097
3.5
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
Summary
A vulnerability, which was classified as problematic, was found in BestWebSoft Facebook Like Button up to 2.33. Affected is the function fcbkbttn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross site scripting. It is possible to launch the attack remotely. Upgrading to version 2.34 is able to address this issue. The patch is identified as b766da8fa100779409a953f0e46c2a2448cbe99c. It is recommended to upgrade the affected component. VDB-225354 is the identifier assigned to this vulnerability.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| BestWebSoft | Facebook Like Button | 2.0 | affected |
| BestWebSoft | Facebook Like Button | 2.1 | affected |
| BestWebSoft | Facebook Like Button | 2.2 | affected |
| BestWebSoft | Facebook Like Button | 2.3 | affected |
| BestWebSoft | Facebook Like Button | 2.4 | affected |
| BestWebSoft | Facebook Like Button | 2.5 | affected |
| BestWebSoft | Facebook Like Button | 2.6 | affected |
| BestWebSoft | Facebook Like Button | 2.7 | affected |
| BestWebSoft | Facebook Like Button | 2.8 | affected |
| BestWebSoft | Facebook Like Button | 2.9 | affected |
| BestWebSoft | Facebook Like Button | 2.10 | affected |
| BestWebSoft | Facebook Like Button | 2.11 | affected |
| BestWebSoft | Facebook Like Button | 2.12 | affected |
| BestWebSoft | Facebook Like Button | 2.13 | affected |
| BestWebSoft | Facebook Like Button | 2.14 | affected |
| BestWebSoft | Facebook Like Button | 2.15 | affected |
| BestWebSoft | Facebook Like Button | 2.16 | affected |
| BestWebSoft | Facebook Like Button | 2.17 | affected |
| BestWebSoft | Facebook Like Button | 2.18 | affected |
| BestWebSoft | Facebook Like Button | 2.19 | affected |
| BestWebSoft | Facebook Like Button | 2.20 | affected |
| BestWebSoft | Facebook Like Button | 2.21 | affected |
| BestWebSoft | Facebook Like Button | 2.22 | affected |
| BestWebSoft | Facebook Like Button | 2.23 | affected |
| BestWebSoft | Facebook Like Button | 2.24 | affected |
| BestWebSoft | Facebook Like Button | 2.25 | affected |
| BestWebSoft | Facebook Like Button | 2.26 | affected |
| BestWebSoft | Facebook Like Button | 2.27 | affected |
| BestWebSoft | Facebook Like Button | 2.28 | affected |
| BestWebSoft | Facebook Like Button | 2.29 | affected |
| BestWebSoft | Facebook Like Button | 2.30 | affected |
| BestWebSoft | Facebook Like Button | 2.31 | affected |
| BestWebSoft | Facebook Like Button | 2.32 | affected |
| BestWebSoft | Facebook Like Button | 2.33 | affected |
Weaknesses
- CWE-79: CWE-79 Cross Site Scripting
ADP Enrichment
CVE Program Container
Additional References
- https://vuldb.com/?id.225354
- https://vuldb.com/?ctiid.225354
- https://github.com/wp-plugins/facebook-button-plugin/commit/b766da8fa100779409a953f0e46c2a2448cbe99c
References
- https://vuldb.com/?id.225354
- https://vuldb.com/?ctiid.225354
- https://github.com/wp-plugins/facebook-button-plugin/commit/b766da8fa100779409a953f0e46c2a2448cbe99c
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.