PT-2026-39948 · WordPress · Rate Star Review Vote

Cipher Forensic

·

Published

2026-05-12

·

Updated

2026-05-12

·

CVE-2026-4301

CVSS v3.1

4.3

Medium

VectorAV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Name of the Vulnerable Software and Affected Versions Rate Star Review Vote - AJAX Reviews, Votes, Star Ratings versions prior to 1.6.5
Description The plugin contains a missing authorization flaw in the vwrsr review() AJAX handler, which lacks capability checks and nonce verification, relying only on a check to see if the user is logged in. When the form parameter is set to 'update', the function uses an arbitrary post ID provided via the rating id GET parameter and passes it to wp update post(). This allows authenticated attackers with Subscriber-level access or higher to overwrite a target post's title, content, author, status, and post type. Furthermore, the update post meta() function is used to modify the metadata of the arbitrary post, enabling full post content takeover.
Recommendations Update to a version later than 1.6.4.

Fix

Missing Authorization

Found an issue in the description? Have something to add? Feel free to write us 👾

Weakness Enumeration

Related Identifiers

CVE-2026-4301

Affected Products

Rate Star Review Vote