Releases681
Frequency4 days 14 hours
Last Release
Where real people propel your curiosity. Whether you’re thrifting gear, showing reels to that group who gets it, or sharing laughs over fun images reimagined by AI, Facebook helps you make things happen like no other social network.
Explore and expand your interests:
* Shop Marketplace for hidden gems and take your hobbies to the next level
* Personalize your Feed to see more of what you like, less of what you don’t
* Ask Meta AI for information and get answers instantly
* Drive into reels that reflect the things you're interested in
* Search Facebook on any topic and get more interactive results
Connect with people and communities:
* Join groups to learn tips from real people who’ve been there, done that
* Get inspired by creators, or catch up with Friends
* Add new Friends to your world, but also decide how closely to keep up with them
* Privately message relatable posts that only your BFF will get or that reels trend everyone’s talking about
Share your world:
* Use generative AI to create custom stickers and images to delight friends
* Customize your profile to choose how you show up and who sees your posts
* Effortlessly create reels from trending templates, or showcase your creativity with a full suite of editing tools
* Capture moments on the fly with stories
Some features may not be available in your country or region.
Terms & Policies: https://www.facebook.com/policies_center
Privacy Policy: https://www.facebook.com/privacy
Learn how we're working to help keep our communities safe across Meta technologies at the Meta Safety Center: https://about.meta.com/actions/safety
CVE History
| CVE | Affected | Published | CVSS v3 | CVSS v2 |
|---|---|---|---|---|
| < 3.0.0 | 8.1 HIGH | 6.8 MEDIUM | ||
The run_action function of the Facebook for WordPress plugin before 3.0.0 deserializes user supplied data making it possible for PHP objects to be supplied creating an Object Injection vulnerability. There was also a useable magic method in the plugin that could be used to achieve remote code execution. | ||||
| >= 3.0.0, < 3.0.4 | 8.8 HIGH | 6.8 MEDIUM | ||
The wp_ajax_save_fbe_settings and wp_ajax_delete_fbe_settings AJAX actions of the Facebook for WordPress plugin before 3.0.4 were vulnerable to CSRF due to a lack of nonce protection. The settings in the saveFbeSettings function had no sanitization allowing for script tags to be saved. | ||||