What is CVE-2012-10012?

CVE-2012-10012 is a vulnerability found in BestWebSoft Facebook Like Button up to version 2.13, which allows for cross-site request forgery attacks.

How severe is CVE-2012-10012?

CVE-2012-10012 has a severity rating of 8.8, which is considered high.

What software versions are affected by CVE-2012-10012?

Versions up to and including 2.13 of BestWebSoft Facebook Like Button for WordPress are affected by CVE-2012-10012.

What is the CWE ID for CVE-2012-10012?

CVE-2012-10012 is associated with CWE-352, which refers to Cross-Site Request Forgery (CSRF) vulnerabilities.

Is there a fix available for CVE-2012-10012?

Yes, a fix for CVE-2012-10012 is available. It is recommended to update to a version of BestWebSoft Facebook Like Button beyond 2.13.

Vulnerability/
CVE-2012-10012

high

8.8

CWE

352

9/4/2023

6/8/2024

CVE-2012-10012: BestWebSoft Facebook Like Button facebook-button-plugin.php fcbk_bttn_plgn_settings_page cross-site request forgery

First published: Sun Apr 09 2023(Updated: )

A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The patch is named 33144ae5a45ed07efe7fceca901d91365fdbf7cb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225355.

Credit: cna@vuldb.com cna@vuldb.com

Affected Software	Affected Version	How to fix
Bestwebsoft Facebook Button	<=2.13
	<=2.13

Remedy

https://github.com/wp-plugins/facebook-button-plugin/commit/33144ae5a45ed07efe7fceca901d91365fdbf7cb

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2012-10012?
CVE-2012-10012 is a vulnerability found in BestWebSoft Facebook Like Button up to version 2.13, which allows for cross-site request forgery attacks.
How severe is CVE-2012-10012?
CVE-2012-10012 has a severity rating of 8.8, which is considered high.
What software versions are affected by CVE-2012-10012?
Versions up to and including 2.13 of BestWebSoft Facebook Like Button for WordPress are affected by CVE-2012-10012.
What is the CWE ID for CVE-2012-10012?
CVE-2012-10012 is associated with CWE-352, which refers to Cross-Site Request Forgery (CSRF) vulnerabilities.
Is there a fix available for CVE-2012-10012?
Yes, a fix for CVE-2012-10012 is available. It is recommended to update to a version of BestWebSoft Facebook Like Button beyond 2.13.

collector/nvd-index
agent/author
agent/type
agent/weakness
agent/remedy
agent/references
agent/description
agent/softwarecombine
collector/nvd-api
source/NVD
agent/software-canonical-lookup
collector/mitre-cve
source/MITRE
agent/severity
agent/last-modified-date
agent/title
agent/tags
agent/first-publish-date
agent/event
vendor/bestwebsoft
canonical/bestwebsoft facebook button
version/bestwebsoft facebook button/2.13

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co

By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.