CVE-2025-0522

Published Feb 6, 2025

Last updated 4 days ago

Overview

Description
The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.
Source
contact@wpscan.com
NVD status
Awaiting Analysis

Weaknesses

134c704f-9b21-4f2e-91b3-4a467353bcc0
CWE-79

Social media

Hype score
Not currently trending

  1. CVE-2025-0522 The LikeBot WordPress plugin through 0.85 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make… https://t.co/wowYQCApi2

    @CVEnew

    6 Feb 2025

    435 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References