exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 8 of 8 RSS Feed

CVE-2023-3244

Status Candidate

Overview

The Comments Like Dislike plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the restore_settings function called via an AJAX action in versions up to, and including, 1.1.9. This makes it possible for authenticated attackers with minimal permissions, such as a subscriber, to reset the plugin's settings. NOTE: After attempting to contact the developer with no response, and reporting this to the WordPress plugin's team 30 days ago we are disclosing this issue as it still is not updated.

Related Files

WordPress Comments Like Dislike 1.2.0 Missing Authorization
Posted Feb 27, 2024
Authored by Diaa Hanna

WordPress Comments Like Dislike plugin versions 1.2.0 and below suffer from a missing capability check on the restore_settings function that allows an attacker to reset the plugin's settings.

tags | exploit
advisories | CVE-2023-3244
SHA-256 | 30694c0d87c0279433026fa6057e69b38edd9bdf49da277bc82125dd688bd97e
Download | Favorite | View
Apple Security Advisory 2023-07-24-8
Posted Jul 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-07-24-8 - watchOS 9.6 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-32381, CVE-2023-32416, CVE-2023-32433, CVE-2023-32441, CVE-2023-32734, CVE-2023-35993, CVE-2023-37450, CVE-2023-38133, CVE-2023-38136, CVE-2023-38565, CVE-2023-38572, CVE-2023-38580, CVE-2023-38593, CVE-2023-38594
SHA-256 | 03d0aae896b234bedefafcc6cdf2d4b950fad52f9d153fb12c3ce0ca2f618bd5
Download | Favorite | View
Apple Security Advisory 2023-07-24-7
Posted Jul 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-07-24-7 - tvOS 16.6 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-32381, CVE-2023-32433, CVE-2023-32441, CVE-2023-32734, CVE-2023-35993, CVE-2023-37450, CVE-2023-38133, CVE-2023-38572, CVE-2023-38594, CVE-2023-38595, CVE-2023-38600, CVE-2023-38606, CVE-2023-38611
SHA-256 | d29c659b0a0ca1c8d52c08bd15c84087590dc344b780dd274ca0bfea5c832f9f
Download | Favorite | View
Apple Security Advisory 2023-07-24-6
Posted Jul 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-07-24-6 - macOS Big Sur 11.7.9 addresses code execution, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-2953, CVE-2023-32381, CVE-2023-32418, CVE-2023-32433, CVE-2023-32441, CVE-2023-32443, CVE-2023-35983, CVE-2023-35993, CVE-2023-36854, CVE-2023-38259
SHA-256 | ee0e370612feffcdd195d2217699ccfdfa302e2ed0cf29ec464c6c6c2bde8f81
Download | Favorite | View
Apple Security Advisory 2023-07-24-5
Posted Jul 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-07-24-5 - macOS Monterey 12.6.8 addresses code execution, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-2953, CVE-2023-32381, CVE-2023-32416, CVE-2023-32418, CVE-2023-32433, CVE-2023-32441, CVE-2023-32442, CVE-2023-32443, CVE-2023-35983, CVE-2023-35993
SHA-256 | 8f28ed064f450316ecc855c2c8e034834dfbba8071bddb178c5eb88e95963236
Download | Favorite | View
Apple Security Advisory 2023-07-24-4
Posted Jul 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-07-24-4 - macOS Ventura 13.5 addresses bypass, code execution, out of bounds read, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple
advisories | CVE-2023-28319, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2023-2953, CVE-2023-32364, CVE-2023-32381, CVE-2023-32416, CVE-2023-32418, CVE-2023-32429, CVE-2023-32433, CVE-2023-32441, CVE-2023-32442, CVE-2023-32443
SHA-256 | c637626493b675cefdcd4fdba35ad174a41ee73e582783331eefed49239a1e71
Download | Favorite | View
Apple Security Advisory 2023-07-24-3
Posted Jul 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-07-24-3 - iOS 15.7.8 and iPadOS 15.7.8 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-23540, CVE-2023-32409, CVE-2023-32416, CVE-2023-32433, CVE-2023-32441, CVE-2023-35993, CVE-2023-38133, CVE-2023-38572, CVE-2023-38594, CVE-2023-38597, CVE-2023-38606
SHA-256 | 585e92bd8c9efdfcc2b29c1705757bb25ab4b206bdd46fcbdf792a97518ed86a
Download | Favorite | View
Apple Security Advisory 2023-07-24-2
Posted Jul 26, 2023
Authored by Apple | Site apple.com

Apple Security Advisory 2023-07-24-2 - iOS 16.6 and iPadOS 16.6 addresses bypass, code execution, and use-after-free vulnerabilities.

tags | advisory, vulnerability, code execution
systems | apple, ios
advisories | CVE-2023-32381, CVE-2023-32416, CVE-2023-32433, CVE-2023-32437, CVE-2023-32441, CVE-2023-32734, CVE-2023-35993, CVE-2023-37450, CVE-2023-38133, CVE-2023-38136, CVE-2023-38261, CVE-2023-38410, CVE-2023-38424, CVE-2023-38425
SHA-256 | cf80aa15c014214fb49963259f82d2aa8e172f2770e7bd27d65ad4ed7230464d
Download | Favorite | View
Page 1 of 1
Back1Next

File Archive:

December 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Dec 1st
    0 Files
  • 2
    Dec 2nd
    41 Files
  • 3
    Dec 3rd
    0 Files
  • 4
    Dec 4th
    0 Files
  • 5
    Dec 5th
    0 Files
  • 6
    Dec 6th
    0 Files
  • 7
    Dec 7th
    0 Files
  • 8
    Dec 8th
    0 Files
  • 9
    Dec 9th
    0 Files
  • 10
    Dec 10th
    0 Files
  • 11
    Dec 11th
    0 Files
  • 12
    Dec 12th
    0 Files
  • 13
    Dec 13th
    0 Files
  • 14
    Dec 14th
    0 Files
  • 15
    Dec 15th
    0 Files
  • 16
    Dec 16th
    0 Files
  • 17
    Dec 17th
    0 Files
  • 18
    Dec 18th
    0 Files
  • 19
    Dec 19th
    0 Files
  • 20
    Dec 20th
    0 Files
  • 21
    Dec 21st
    0 Files
  • 22
    Dec 22nd
    0 Files
  • 23
    Dec 23rd
    0 Files
  • 24
    Dec 24th
    0 Files
  • 25
    Dec 25th
    0 Files
  • 26
    Dec 26th
    0 Files
  • 27
    Dec 27th
    0 Files
  • 28
    Dec 28th
    0 Files
  • 29
    Dec 29th
    0 Files
  • 30
    Dec 30th
    0 Files
  • 31
    Dec 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close