Lucene search
MitreCVELIST:CVE-2019-13344HistoryJul 05, 2019 - 3:33 p.m.
CVE-2019-13344
2019-07-0515:33:45
mitre
www.cve.org
2
EPSS
0.697
Percentile
98.1%
An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. The contains() function in wp_like_button.php did not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update settings, as demonstrated by the wp-admin/admin.php?page=facebook-like-button each_page_url or code_snippet parameter.
Related
prion
prion
Authentication flaw
2019-07-05 16:15:00
zdt
zdt
WordPress Like Button 1.6.0 Plugin - Authentication Bypass Vulnerability
2019-07-08 00:00:00
patchstack
patchstack
WordPress WP Like Button plugin <= 1.6.0 - Auth Bypass vulnerability
2019-07-10 00:00:00
exploitdb
exploitdb
WordPress Plugin Like Button 1.6.0 - Authentication Bypass
2019-07-08 00:00:00
cve
cve
CVE-2019-13344
2019-07-05 16:15:11
exploitpack
exploitpack
WordPress Plugin Like Button 1.6.0 - Authentication Bypass
2019-07-08 00:00:00
checkpoint_advisories
checkpoint_advisories
Wordpress Like Button Plugin Authentication Bypass (CVE-2019-13344)
2022-11-14 00:00:00
packetstorm
packetstorm
WordPress Like Button 1.6.0 Authentication Bypass
2019-07-08 00:00:00
wpvulndb
wpvulndb
WP Like Button <= 1.6.0 - Auth Bypass
2019-07-05 00:00:00
nvd
nvd
CVE-2019-13344
2019-07-05 16:15:11