Lucene search
China National Vulnerability DatabaseCNVD-2022-55697HistoryJun 15, 2022 - 12:00 a.m.
WordPress Like Button Rating plugin access control error vulnerability
2022-06-1500:00:00
China National Vulnerability Database
www.cnvd.org.cn
18
wordpress
like button
rating plugin
access control error
vulnerability
php
blogging platform
wordpress foundation
improper access control
authenticated attacker
arbitrary emails
arbitrary subject
arbitrary body
recipient
EPSS
0.001
Percentile
24.8%
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin. WordPress Like Button Rating plugin versions prior to 2.6.45 are vulnerable to an access control error. The vulnerability stems from improper access control and can be exploited by any authenticated attacker to send arbitrary emails with arbitrary subject and body to any recipient.
Related
cvelist
cvelist
CVE-2022-0745 Like Button Rating < 2.6.45 - Arbitrary e-mail Sending
2022-06-13 12:41:30
cve
cve
CVE-2022-0745
2022-06-13 13:15:10
patchstack
patchstack
prion
prion
Information disclosure
2022-06-13 13:15:00
nvd
nvd
CVE-2022-0745
2022-06-13 13:15:10
wpvulndb
wpvulndb
Like Button Rating < 2.6.45 - Arbitrary e-mail Sending
2022-05-23 00:00:00
wpexploit
wpexploit
Like Button Rating < 2.6.45 - Arbitrary e-mail Sending
2022-05-23 00:00:00