Description
WordPress Plugin Like Button Rating-LikeBtn is prone to a server-side request forgery vulnerability. An attacker may leverage this issue to make the vulnerable server perform port scanning of hosts in internal or external networks; other attacks are also possible. WordPress Plugin Like Button Rating-LikeBtn version 2.6.31 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 2.6.32 or latest
References
https://wpscan.com/vulnerability/6bc6023f-a5e7-4665-896c-95afa5b638fb
https://plugins.svn.wordpress.org/likebtn-like-button/trunk/readme.txt
Related Vulnerabilities
WordPress Plugin WooCommerce Save For Later Cart Enhancement PHP Object Injection (1.0.6)
WordPress Plugin Style It Cross-Site Scripting (1.0)
WordPress Plugin Theme My Login 'instance' Parameter Cross-Site Scripting (6.1.4)
Drupal Core 9.1.x Cross-Site Scripting (9.1.0 - 9.1.11)
WordPress Plugin WP Google Maps Cross-Site Request Forgery (7.11.27)