PT-2022-25343 · WordPress · Rate My Post – Wp Rating System

Nguy Minh

Published

2022-09-23

Updated

2022-09-26

CVE-2022-40310

CVSS v3.1

4.3

Medium

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions Rate my Post – WP Rating System plugin versions <= 3.3.4

Description The issue allows attackers to manipulate votes by exploiting a race condition in the plugin. This can result in increased or decreased votes.

Recommendations For Rate my Post – WP Rating System plugin versions <= 3.3.4, update to a version higher than 3.3.4 to resolve the issue.

Fix

Race Condition

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-362

Related Identifiers

CVE-2022-40310

Affected Products

Rate My Post – Wp Rating System

PT-2022-25343 · WordPress · Rate My Post – Wp Rating System

CVE-2022-40310

Weakness Enumeration

Related Identifiers

Affected Products

References · 4