CVE-2022-45842

  1. OpenCVE
  2. Vulnerabilities (CVE)
  3. CVE-2022-45842
Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.

5.3 /10

CVSS v3 : MEDIUM

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact LOW

Availability Impact NONE

Scope UNCHANGED

References
Link Resource
https://patchstack.com/database/vulnerability/wp-ulike/wordpress-wp-ulike-plugin-4-6-3-race-condition-vulnerability?_s_id=cve Third Party Advisory
https://patchstack.com/database/vulnerability/wp-ulike/wordpress-wp-ulike-plugin-4-6-3-race-condition-vulnerability?_s_id=cve Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:wpulike:wp_ulike:*:*:*:*:*:wordpress:*:*
History

21 Nov 2024, 07:29

Type Values Removed Values Added
CVSS v2 : unknown
v3 : 3.7 		v2 : unknown
v3 : 5.3
References () https://patchstack.com/database/vulnerability/wp-ulike/wordpress-wp-ulike-plugin-4-6-3-race-condition-vulnerability?_s_id=cve - Third Party Advisory () https://patchstack.com/database/vulnerability/wp-ulike/wordpress-wp-ulike-plugin-4-6-3-race-condition-vulnerability?_s_id=cve - Third Party Advisory

16 Sep 2024, 21:15

Type Values Removed Values Added
Summary (en) Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores. (en) Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores.

02 Dec 2022, 15:09

Type Values Removed Values Added
CPE cpe:2.3:a:wpulike:wp_ulike:*:*:*:*:*:wordpress:*:*
CVSS v2 : unknown
v3 : unknown 		v2 : unknown
v3 : 3.7
References (MISC) https://patchstack.com/database/vulnerability/wp-ulike/wordpress-wp-ulike-plugin-4-6-3-race-condition-vulnerability?_s_id=cve - (MISC) https://patchstack.com/database/vulnerability/wp-ulike/wordpress-wp-ulike-plugin-4-6-3-race-condition-vulnerability?_s_id=cve - Third Party Advisory

30 Nov 2022, 13:48

Type Values Removed Values Added
New CVE
Information

Published : 2022-11-30 13:15

Updated : 2024-11-21 07:29

NVD link : CVE-2022-45842

Mitre link : CVE-2022-45842

CVE.ORG link : CVE-2022-45842

JSON object : View

Products Affected

wpulike

  • wp_ulike
CWE
CWE-367

Time-of-check Time-of-use (TOCTOU) Race Condition