| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2026-2358 | WP ULike <= 5.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attribute | alimir | WP ULike – Like & Dislike Buttons for Engagement and Feedback | Medium | 6.4 | 2026-03-11 05:27:17 | Deep Dive |
| CVE-2026-0909 | WP ULike <= 4.8.3.1 - Insecure Direct Object Reference to Authenticated (Subscriber+) Arbitrary Log Deletion via 'id' Parameter | alimir | WP ULike – Like & Dislike Buttons for Engagement and Feedback | Medium | 5.3 | 2026-02-03 03:24:35 | Deep Dive |
| CVE-2025-32259 | WordPress WP ULike plugin <= 4.7.9.1 - Content Spoofing Vulnerability | Alimir | WP ULike | Medium | 5.3 | 2025-04-10 08:09:47 | Deep Dive |
| CVE-2025-22738 | WordPress WP ULike plugin <= 4.7.6 - Cross Site Scripting (XSS) vulnerability | Alimir | WP ULike | Medium | 5.9 | 2025-01-15 15:23:34 | Deep Dive |
| CVE-2024-9649 | WP ULike <= 4.7.4 - Cross-Site Request Forgery to Statistic Deletion | alimir | WP ULike – Like & Dislike Buttons for Engagement and Feedback | Medium | 4.3 | 2024-10-16 02:05:04 | Deep Dive |
| CVE-2024-1759 | WP ULike <= 4.6.9 - Authenticated (Subscriber+) Stored Cross-Site Scripting | alimir | WP ULike – Like & Dislike Buttons for Engagement and Feedback | Medium | 6.4 | 2024-05-02 16:52:44 | Deep Dive |
| CVE-2024-1797 | WP ULike – Most Advanced WordPress Marketing Toolkit <= 4.6.9 - Authenticated (Contributor+) SQL Injection via Shortcodes | alimir | WP ULike – Like & Dislike Buttons for Engagement and Feedback | High | 8.8 | 2024-05-02 16:52:42 | Deep Dive |
| CVE-2024-1572 | WP ULike <= 4.6.9 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode | alimir | WP ULike – Like & Dislike Buttons for Engagement and Feedback | Medium | 6.4 | 2024-05-02 16:52:04 | Deep Dive |