### [CVE-2012-10012](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-10012)
![](https://img.shields.io/static/v1?label=Product&message=Facebook%20Like%20Button&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=2.0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.1%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.10%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.11%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.12%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.13%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.2%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.3%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.4%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.5%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.6%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.7%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.8%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Version&message=2.9%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-352%20Cross-Site%20Request%20Forgery&color=brightgreen)

### Description

A vulnerability has been found in BestWebSoft Facebook Like Button up to 2.13 and classified as problematic. Affected by this vulnerability is the function fcbk_bttn_plgn_settings_page of the file facebook-button-plugin.php. The manipulation leads to cross-site request forgery. The attack can be launched remotely. The patch is named 33144ae5a45ed07efe7fceca901d91365fdbf7cb. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-225355.
In BestWebSoft Facebook Like Button bis 2.13 wurde eine Schwachstelle gefunden. Sie wurde als problematisch eingestuft. Es geht um die Funktion fcbk_bttn_plgn_settings_page der Datei facebook-button-plugin.php. Durch das Beeinflussen mit unbekannten Daten kann eine cross-site request forgery-Schwachstelle ausgenutzt werden. Der Angriff kann über das Netzwerk erfolgen. Der Patch wird als 33144ae5a45ed07efe7fceca901d91365fdbf7cb bezeichnet. Als bestmögliche Massnahme wird Patching empfohlen.

### POC

#### Reference
- https://github.com/wp-plugins/facebook-button-plugin/commit/33144ae5a45ed07efe7fceca901d91365fdbf7cb

#### Github
- https://github.com/fkie-cad/nvd-json-data-feeds