Alimir WP ULike Missing Authorization Vulnerability Allowing Content Spoofing

Vulnerability

A missing authorization vulnerability has been identified in the Alimir WP ULike plugin for WordPress, affecting versions through 4.7.9.1. This vulnerability allows unauthorized users to inject content into pages and posts, potentially leading to the insertion of phishing materials.

Impact

Exploitation of this vulnerability could result in content spoofing, allowing attackers to manipulate the content displayed on the website. This could be used to inject misleading information or create phishing pages that appear legitimate to users.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

1.3

exploitability

7.6

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.2

impact

1.3

exploitability

7.6

remediation

0.0

relevance

0.0

threat

0.0

urgency

2.9

incentive

5.8

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Alimir WP ULike Missing Authorization Vulnerability Allowing Content Spoofing

Vulnerability

Impact

Affected Products

Alimir WP ULike

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating