Does Like Button Rating ♥ LikeBtn have any unpatched vulnerabilities?

No. All known vulnerabilities in Like Button Rating ♥ LikeBtn have been patched as of the latest data update. Always keep the plugin updated to the latest version.

Is Like Button Rating ♥ LikeBtn compatible with WordPress 6.9.4?

According to WordPress.org data, Like Button Rating ♥ LikeBtn 2.6.59 has been tested up to WordPress 6.9.4. Check the plugin's changelog for the latest compatibility information.

How often is Like Button Rating ♥ LikeBtn updated?

Like Button Rating ♥ LikeBtn was last updated on Mar 12, 2026. Frequent updates are generally a positive security signal.

What is Like Button Rating ♥ LikeBtn's security score?

Like Button Rating ♥ LikeBtn has a WP-Safety security score of 96/100. This score is computed from CVE history, patch response time, developer trust signals, and plugin maintenance activity.

Like Button Rating ♥ LikeBtn Security & Risk Analysis

wordpress.org/plugins/likebtn-like-button

Add Like button to posts, pages, comments, WooCommerce, BuddyPress, bbPress, UM, custom posts! Sort content by likes! Get instant stats and insights!

4K active installs v2.6.59 PHP + WP 2.8+ Updated Mar 12, 2026

likelike-buttonratingvotevoting

A · Safe

CVEs total5

Unpatched0

Last CVEAug 29, 2024

Plugin page Download

Safety Verdict

Is Like Button Rating ♥ LikeBtn Safe to Use in 2026?

Generally Safe

Score 96/100

Like Button Rating ♥ LikeBtn has a strong security track record. Known vulnerabilities have been patched promptly.

5 known CVEsLast CVE: Aug 29, 2024Updated 22d ago

Risk Assessment

The 'likebtn-like-button' v2.6.59 plugin exhibits a mixed security posture. While it shows strengths in using prepared statements for SQL queries (86%) and proper output escaping (85%), these are overshadowed by significant concerns in its attack surface and historical vulnerability trends. The presence of 4 AJAX handlers without authentication checks is a notable weakness, potentially allowing unauthorized actions. Furthermore, the taint analysis reveals 4 high-severity flows with unsanitized paths, indicating a risk of malicious input being processed without adequate validation, which could lead to various exploits. The plugin's vulnerability history is also a red flag, with 5 known CVEs, including one high-severity and four medium-severity vulnerabilities. The common types of past vulnerabilities such as Cross-site Scripting, Missing Authorization, and SSRF, coupled with the recent discovery of a high-severity issue, suggest recurring security oversights. Although there are no currently unpatched CVEs, the pattern of past vulnerabilities and the identified code weaknesses point to a need for more robust security practices in development and a cautious approach to its deployment. The outdated bundled library (Select2 v3.5.1) adds another layer of potential risk.

Key Concerns

AJAX handlers without authorization checks
High severity taint flows with unsanitized paths
Bundled outdated library (Select2 v3.5.1)
High severity vulnerability in history
Medium severity vulnerabilities in history

Vulnerabilities

Like Button Rating ♥ LikeBtn Security Vulnerabilities

CVEs by Year

1 CVE in 2017

2017

2 CVEs in 2021

2021

1 CVE in 2022

2022

1 CVE in 2024

2024

Patched Has unpatched

Severity Breakdown

High

Medium

5 total CVEs

CVE-2024-44064medium · 6.1Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Like Button Rating <= 2.6.53 - Cross-Site Request Forgery

Aug 29, 2024 Patched in 2.6.54 (48d)

CVE-2022-0745medium · 5Missing Authorization

Like Button Rating ♥ LikeBtn <= 2.6.44 - Arbitrary e-mail Sending

May 23, 2022 Patched in 2.6.45 (610d)

CVE-2021-24945medium · 6.5Exposure of Sensitive Information to an Unauthorized Actor

Like Button Rating <= 2.6.37 - Unauthorised Vote Export to Email & IP Addresses Disclosure

Nov 11, 2021 Patched in 2.6.38 (803d)

CVE-2021-24150high · 7.5Server-Side Request Forgery (SSRF)

Like Button Rating ♥ LikeBtn < 2.6.32 - Server-Side Request Forgery

Feb 6, 2021 Patched in 2.6.32 (1081d)

WF-227886e8-99d9-49b3-a1a8-b06b02d331bc-likebtn-like-buttonmedium · 6.5Improper Authentication

Like Button Rating <= 2.5.3 - Arbitrary Settings Change

Nov 2, 2017 Patched in 2.5.4 (2273d)

Code Analysis

Analyzed Mar 16, 2026

Like Button Rating ♥ LikeBtn Code Analysis

Dangerous Functions

Raw SQL Queries

83 prepared

Unescaped Output

188

1031 escaped

Nonce Checks

Capability Checks

File Operations

External Requests

Bundled Libraries

Select23.5.1

SQL Query Safety

86% prepared96 total queries

Output Escaping

85% escaped1219 total outputs

Data Flows

10 unsanitized

Data Flow Analysis

13 flows10 with unsanitized paths

_likebtn_bulk_actions (likebtn_like_button.php:3546)

Source (user input) Sink (dangerous op) Sanitizer Transform Unsanitized Sanitized

Attack Surface

4 unprotected

Like Button Rating ♥ LikeBtn Attack Surface

Entry Points23

Unprotected4

AJAX Handlers 18

authwp_ajax_likebtn_system_checklikebtn_like_button.php:5128

authwp_ajax_likebtn_test_vote_notificationlikebtn_like_button.php:5200

authwp_ajax_likebtn_test_synclikebtn_like_button.php:5258

authwp_ajax_likebtn_check_accountlikebtn_like_button.php:5310

noprivwp_ajax_likebtn_force_plan_synclikebtn_like_button.php:5332

authwp_ajax_likebtn_edit_itemlikebtn_like_button.php:5410

authwp_ajax_likebtn_refresh_planlikebtn_like_button.php:5453

authwp_ajax_likebtn_go_freelikebtn_like_button.php:5495

authwp_ajax_likebtn_ipvi_getlikebtn_like_button.php:5551

authwp_ajax_likebtn_plugin_feedbacklikebtn_like_button.php:5591

authwp_ajax_likebtn_exportlikebtn_like_button.php:5666

authwp_ajax_likebtn_export_voteslikebtn_like_button.php:5799

authwp_ajax_likebtn_vgaphlikebtn_like_button.php:5917

authwp_ajax_likebtn_event_handlerlikebtn_like_button.php:6852

noprivwp_ajax_likebtn_event_handlerlikebtn_like_button.php:6853

authwp_ajax_likebtn_prxlikebtn_like_button.php:7276

noprivwp_ajax_likebtn_prxlikebtn_like_button.php:7277

authwp_ajax_likebtn_dismiss_reviewlikebtn_like_button.php:7559

Shortcodes 5

[likebtn] likebtn_like_button.php:3731

[likebtn_most_liked] likebtn_like_button.php:3760

[likebtn_liked_by_user] likebtn_like_button.php:3786

[likebtn_category_likes] likebtn_like_button.php:3824

[likebtn_user_votes] likebtn_like_button.php:3869

WordPress Hooks 64

filterbbp_has_replies_queryincludes\bbpress.php:72

filterbp_notifications_get_registered_componentsincludes\buddypress.php:21

filterbp_notifications_get_notifications_for_userincludes\buddypress.php:108

actiontemplate_redirectincludes\buddypress.php:212

actionbp_activity_filter_optionsincludes\buddypress.php:350

actionbp_member_activity_filter_optionsincludes\buddypress.php:352

actionbp_group_activity_filter_optionsincludes\buddypress.php:354

filterbp_activity_allowed_tagsincludes\buddypress.php:370

filterbp_activity_paged_activities_sqlincludes\buddypress.php:422

filterbp_activity_get_user_join_filterincludes\buddypress.php:426

filterbp_activity_total_activities_sqlincludes\buddypress.php:427

filtergamipress_activity_triggersincludes\gamipress.php:163

filterlikebtn_voteincludes\gamipress.php:164

filtergamipress_log_event_trigger_meta_dataincludes\gamipress.php:166

filtergamipress_log_extra_data_fieldsincludes\gamipress.php:167

actionwidgets_initincludes\likebtn_like_button_most_liked_widget.class.php:378

actionlikebtn_mycred_likeincludes\likebtn_mycred.class.php:86

actionlikebtn_mycred_dislikeincludes\likebtn_mycred.class.php:87

filterrequestincludes\meta_columns.php:17

actionadmin_initincludes\meta_columns.php:20

filterlanguage_attributesincludes\open_graph.php:9

actionwp_headincludes\open_graph.php:10

filterum_pre_header_editprofileincludes\um.php:13

filterum_members_just_after_nameincludes\um.php:19

filterum_profile_tabsincludes\um.php:31

actionum_profile_content_likebtn-liked-content_defaultincludes\um.php:47

actioninitlikebtn_like_button.php:1720

filterplugin_action_linkslikebtn_like_button.php:1732

actionadmin_menulikebtn_like_button.php:1763

actionadmin_footerlikebtn_like_button.php:1807

actionadmin_headlikebtn_like_button.php:1848

actionadmin_noticeslikebtn_like_button.php:2191

actionadmin_noticeslikebtn_like_button.php:2213

actionadmin_noticeslikebtn_like_button.php:2246

actionadmin_initlikebtn_like_button.php:2565

filtermycred_all_referenceslikebtn_like_button.php:4069

filtermycred_setup_hookslikebtn_like_button.php:4072

actionafter_setup_themelikebtn_like_button.php:4074

filterthe_contentlikebtn_like_button.php:4777

filterthe_excerptlikebtn_like_button.php:4778

actionwoocommerce_after_shop_loop_item_titlelikebtn_like_button.php:4828

actionwoocommerce_after_shop_loop_item_titlelikebtn_like_button.php:4829

actionwoocommerce_single_product_summarylikebtn_like_button.php:4833

actionwoocommerce_after_main_contentlikebtn_like_button.php:4834

actionloop_startlikebtn_like_button.php:4836

filtercomment_textlikebtn_like_button.php:4955

actionbp_before_member_header_metalikebtn_like_button.php:6281

filterbp_get_activity_actionlikebtn_like_button.php:6390

filterbp_activity_entry_contentlikebtn_like_button.php:6393

actionbp_activity_entry_metalikebtn_like_button.php:6396

filterbp_get_activity_contentlikebtn_like_button.php:6399

filterbp_activity_comment_optionslikebtn_like_button.php:6400

filterbp_get_activity_content_bodylikebtn_like_button.php:6401

filterbp_has_topic_postslikebtn_like_button.php:6409

filterbbp_theme_before_reply_admin_linkslikebtn_like_button.php:6518

filterbbp_theme_after_reply_admin_linkslikebtn_like_button.php:6519

filterbbp_get_reply_author_linklikebtn_like_button.php:6521

filterbbp_has_replieslikebtn_like_button.php:6567

actionbbp_theme_after_reply_contentlikebtn_like_button.php:6568

actionbbp_template_after_user_profilelikebtn_like_button.php:6569

actionwp_enqueue_scriptslikebtn_like_button.php:6579

actionwp_enqueue_scriptslikebtn_like_button.php:6597

actionwp_footerlikebtn_like_button.php:7400

actionadmin_noticeslikebtn_like_button.php:7547

Maintenance & Trust

Like Button Rating ♥ LikeBtn Maintenance & Trust

Maintenance Signals

WordPress version tested6.9.4

Last updatedMar 12, 2026

PHP min version

Downloads488K

Community Trust

Rating86/100

Number of ratings270

Active installs4K

Alternatives

Like Button Rating ♥ LikeBtn Alternatives

Pro Like Button

prolike-button

Adds buttons to posts with the ability to sort them.

10 No CVEs

Managed posts rating ★ Like button

managed-posts-rating-like-button

100

Rating system for your WordPress site with a simple "like" button and advanced admin panel.

10 No CVEs

GD Rating System

gd-rating-system

Powerful, highly customizable and versatile ratings plugin to allow your users to vote for anything you want.

1K 12 CVEs

bbPress Voting

bbp-voting

Let visitors vote up and down on bbPress topics and replies just like Reddit or Stack Overflow!

500 1 CVE

Simple Vote – Share your Thought, By A Like/Dislike Vote!

simple-vote

ALLOW YOUR VISITORS TO SHARE THEIR THOUGHTS ON YOUR CONTENT, BY VOTE!

80 No CVEs

Developer Profile

Like Button Rating ♥ LikeBtn Developer Profile

LikeBtn

1 plugin · 4K total installs

trust score

Avg Security Score

96/100

Avg Patch Time

963 days

View full developer profile

Detection Fingerprints

How We Detect Like Button Rating ♥ LikeBtn

Patterns used to identify this plugin on WordPress sites during automated security audits and web crawling.

Asset Fingerprints

Asset Paths

/wp-content/plugins/likebtn-like-button/css/styles.css/wp-content/plugins/likebtn-like-button/css/new-styles.css/wp-content/plugins/likebtn-like-button/js/likebtn.js/wp-content/plugins/likebtn-like-button/js/likebtn.min.js

Script Paths

w.likebtn.com/js/w/widget.js

Version Parameters

likebtn-like-button/css/styles.css?ver=likebtn-like-button/css/new-styles.css?ver=likebtn-like-button/js/likebtn.js?ver=likebtn-like-button/js/likebtn.min.js?ver=

HTML / DOM Fingerprints

CSS Classes

likebtn-buttonlikebtn-render-container

Data Attributes

data-likebtn-iddata-likebtn-custom-styledata-likebtn-show-dislikedata-likebtn-selectordata-likebtn-counter

JS Globals

LikeBtn

Shortcode Output

[likebtn_off][likebtn_likes][likebtn_dislikes]

FAQ