CVE-2018-1000511
WP ULike versions 2.8.1 and 3.1 contain an Incorrect Access Control vulnerability in AJAX that allows an attacker to delete arbitrary rows in certain database tables. The issue is exploitable by making an AJAX request; no exploitation status is provided in the sources. The vulnerability appears t...