WordPress WP ULike Plugin <= 4.6.4 is vulnerable to Race Condition vulnerability
CVE-2022-45842

3.7LOW

Key Information:

Vendor: Wordpress
Status: WP Ulike (WordPress Plugin)
Vendor: CVE Published:; 30 November 2022

Summary

Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.

Affected Version(s)

WP ULike (WordPress plugin) <= 4.6.4

References

https://patchstack.com/database/vulnerability/wp-ulike/wo...

CVSS V3.1

Score:

3.7

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

High

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 30, 2022
Vulnerability Reserved
Nov 23, 2022

Credit

minhtuanact (Patchstack Alliance)

.