CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3244

The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.2.0. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin's settings. NOTE: this issue is was only partially patched in version 1.2.0, as the nonce is still present to subscriber-level users.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.033

EPSS Ranking 87.2%

CVSS Severity

CVSS v3 Score 4.3

References

Products affected by CVE-2023-3244

Wphappycoders » Comments Like Dislike » Version: 1.0.0

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.0
Wphappycoders » Comments Like Dislike » Version: 1.0.1

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.1
Wphappycoders » Comments Like Dislike » Version: 1.0.2

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.2
Wphappycoders » Comments Like Dislike » Version: 1.0.3

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.3
Wphappycoders » Comments Like Dislike » Version: 1.0.4

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.4
Wphappycoders » Comments Like Dislike » Version: 1.0.5

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.5
Wphappycoders » Comments Like Dislike » Version: 1.0.6

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.6
Wphappycoders » Comments Like Dislike » Version: 1.0.7

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.7
Wphappycoders » Comments Like Dislike » Version: 1.0.8

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.8
Wphappycoders » Comments Like Dislike » Version: 1.0.9

cpe:2.3:a:wphappycoders:comments_like_dislike:1.0.9
Wphappycoders » Comments Like Dislike » Version: 1.1.0

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.0
Wphappycoders » Comments Like Dislike » Version: 1.1.1

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.1
Wphappycoders » Comments Like Dislike » Version: 1.1.2

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.2
Wphappycoders » Comments Like Dislike » Version: 1.1.3

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.3
Wphappycoders » Comments Like Dislike » Version: 1.1.4

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.4
Wphappycoders » Comments Like Dislike » Version: 1.1.5

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.5
Wphappycoders » Comments Like Dislike » Version: 1.1.6

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.6
Wphappycoders » Comments Like Dislike » Version: 1.1.7

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.7
Wphappycoders » Comments Like Dislike » Version: 1.1.8

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.8
Wphappycoders » Comments Like Dislike » Version: 1.1.9

cpe:2.3:a:wphappycoders:comments_like_dislike:1.1.9

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-3244

Products

Pricing

Contact Us