Wp Ulike
CVE-2022-45842
LOW
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N
Lifecycle Timeline
1DescriptionNVD
Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.
AnalysisAI
Unauth. Rated low severity (CVSS 3.7), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.
Technical ContextAI
This vulnerability is classified under CWE-367. Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores. Affected products include: Technowich Wp Ulike.
RemediationAI
No vendor patch is available at time of analysis. Monitor vendor advisories for updates. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
The WP ULike - Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to SQL Injection via the 'st
The WP ULike WordPress plugin before 4.7.5 does not sanitise and escape some of its settings, which could allow high pri
The WP ULike WordPress plugin before 4.7.4 does not sanitise and escape some of its settings, which could allow high pri
The WP ULike WordPress plugin before 4.7.1 does not sanitise and escape some of its settings, which could allow high pri
The WP ULike WordPress plugin before 4.7.2.1 does not properly sanitize user display names when rendering on a public pa
The WP ULike plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'wp_ulike' shortcode in
The WP ULike - Most Advanced WordPress Marketing Toolkit plugin for WordPress is vulnerable to Stored Cross-Site Scripti
Auth. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor pat
The WP ULike - The Ultimate Engagement Toolkit for Websites plugin for WordPress is vulnerable to Cross-Site Request For
The WP ULike WordPress plugin before 4.7.6 does not sanitise and escape some of its settings, which could allow high pri
Same technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today