CVE-2022-3343

Name of the Vulnerable Software and Affected Versions WPQA Builder WordPress plugin versions prior to 5.9.3

Description The issue arises from incorrect validation in the wpqa following you ajax action, allowing a user to inflate their score by receiving repeated follow actions from another user. This can be exploited by having another user send multiple follow requests.

Recommendations For WPQA Builder WordPress plugin versions prior to 5.9.3, update to version 5.9.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the wpqa following you ajax action to minimize the risk of exploitation.