Description
WordPress Plugin Comments Like Dislike is prone to a security bypass vulnerability. Exploiting this issue may allow attackers to perform otherwise restricted actions and subsequently add unlimited like/dislike to any comment. WordPress Plugin Comments Like Dislike version 1.1.3 is vulnerable; prior versions may also be affected.
Remediation
Update to plugin version 1.1.4 or latest
References
https://sploitus.com/exploit?id=WPEX-ID:AAE7A889-195C-45A3-BBE4-E6D4CD2D7FD9
https://plugins.svn.wordpress.org/comments-like-dislike/trunk/readme.txt
Related Vulnerabilities
Liferay Portal Incorrect Default Permissions Vulnerability (CVE-2022-42130)
WordPress Plugin Blogger To WordPress SQL Injection (2.2.1)
Drupal Cross-Site Request Forgery (CSRF) Vulnerability (CVE-2008-3220)
MongoDb Other Vulnerability (CVE-2024-8305)
WordPress Plugin WP iCommerce-the first interactive ecommerce for wordpress SQL Injection (1.1.1)