Lucene search
Benjamin LimWPVDB-ID:D41BE606-2F0E-4918-B8E2-384F0289C1D0HistoryJul 05, 2019 - 12:00 a.m.
WP Like Button <= 1.6.0 - Auth Bypass
2019-07-0500:00:00
Benjamin Lim
wpscan.com
8
0.945 High
EPSS
Percentile
99.2%
Authentication Bypass vulnerability in the WP Like Button (Free) plugin version 1.6.0 allows unauthenticated attackers to change the settings of the plugin. The contains() function in wp_like_button.php did not check if the current request is made by an authorized user, thus allowing any unauthenticated user to successfully update the settings of the plugin.
| CPE | Name | Operator | Version |
|---|---|---|---|
| wp-like-button | lt | 1.6.4 |
Related
prion
prion
Authentication flaw
2019-07-05 16:15:00
exploitpack
exploitpack
WordPress Plugin Like Button 1.6.0 - Authentication Bypass
2019-07-08 00:00:00
cvelist
cvelist
CVE-2019-13344
2019-07-05 15:33:45
cve
cve
CVE-2019-13344
2019-07-05 16:15:11
zdt
zdt
WordPress Like Button 1.6.0 Plugin - Authentication Bypass Vulnerability
2019-07-08 00:00:00
patchstack
patchstack
WordPress WP Like Button plugin <= 1.6.0 - Auth Bypass vulnerability
2019-07-10 00:00:00
packetstorm
packetstorm
WordPress Like Button 1.6.0 Authentication Bypass
2019-07-08 00:00:00
nvd
nvd
CVE-2019-13344
2019-07-05 16:15:11
checkpoint_advisories
checkpoint_advisories
Wordpress Like Button Plugin Authentication Bypass (CVE-2019-13344)
2022-11-14 00:00:00
exploitdb
exploitdb
WordPress Plugin Like Button 1.6.0 - Authentication Bypass
2019-07-08 00:00:00