PT-2023-17408 · WordPress · Forminator
Amirmohammad Vakili
+1
·
Publicado
2023-04-07
·
Atualizado
2023-07-11
·
CVE-2023-2010
CVSS v3.1
3.1
Baixa
| Vetor | AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Forminator WordPress plugin versions prior to 1.24.1
Description
The issue arises from the plugin not using an atomic operation to check whether a user has already voted and then update that information, leading to a Race Condition. This condition may allow a single user to vote multiple times on a poll.
Recommendations
For versions prior to 1.24.1, update to version 1.24.1 or later to resolve the issue.
Exploit
Correção
Race Condition
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Forminator