Harsh Tandel

**Name of the Vulnerable Software and Affected Versions** WPQA Builder WordPress plugin versions prior to 5.9.3 **Description** The issue arises from incorrect validation in the `wpqa following you ajax` action, allowing a user to inflate their score by receiving repeated follow actions from another user. This can be exploited by having another user send multiple follow requests. **Recommendations** For WPQA Builder WordPress plugin versions prior to 5.9.3, update to version 5.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `wpqa following you ajax` action to minimize the risk of exploitation.