CVE-2026-0909 | WP ULike Plugin up to 4.8.3.1 on WordPress wp_ulike_delete_history_api ID resource injection

Inserito da Angelo Barbosa | Feb 2, 2026 | CVE

A vulnerability marked as problematic has been reported in WP ULike Plugin up to 4.8.3.1 on WordPress. This vulnerability affects the function wp_ulike_delete_history_api. This manipulation of the argument ID causes improper control of resource identifiers.

This vulnerability appears as CVE-2026-0909. The attack may be initiated remotely. There is no available exploit.

CVE-2026-0909 | WP ULike Plugin up to 4.8.3.1 on WordPress wp_ulike_delete_history_api ID resource injection

Post correlati

CVE-2025-1335 | CmsEasy 7.7.7.9 lib/admin/file_admin.php deleteimg_action imgname path traversal

CVE-2024-44191 | Apple tvOS Bluetooth improper authorization

CVE-2025-12594 | code-projects Simple Online Hotel Reservation System 2.0 /admin/add_account.php Name sql injection

CVE-2024-5031 | Memberpress Plugin up to 1.11.29 on WordPress Shortcode mepr-user-file server-side request forgery