7 matches found
CVE-2023-40199
Cross-Site Request Forgery CSRF vulnerability in CRUDLab WP Like Button plugin = 1.7.0 versions...
CVE-2019-13344
An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. The contains function in wplikebutton.php did not check if the current request is made by an authorized user, thus allowing any...
CVE-2023-40199
Cross-Site Request Forgery CSRF vulnerability in CRUDLab WP Like Button plugin = 1.7.0 versions...
PT-2023-27318 · WordPress · Crudlab Wp Like Button
Name of the Vulnerable Software and Affected Versions: CRUDLab WP Like Button plugin versions = 1.7.0 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attacker to trick a user into performing unintended actions on a web...
CVE-2019-13344
An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. The contains function in wplikebutton.php did not check if the current request is made by an authorized user, thus allowing any...
Authentication flaw
An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. The contains function in wplikebutton.php did not check if the current request is made by an authorized user, thus allowing any...
CVE-2019-13344
An authentication bypass vulnerability in the CRUDLab WP Like Button plugin through 1.6.0 for WordPress allows unauthenticated attackers to change settings. The contains function in wplikebutton.php did not check if the current request is made by an authorized user, thus allowing any...