CVE-2023-40332

Published: Jun 4, 2024Modified: Apr 3, 2025

9.8

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Exploitability: 3.9 / Impact: 5.9

Source: NVD

Description

Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91.

Affected (1)

Products: Lesterchan: Wp Postratings

Lesterchan

1 product

Wp Postratings

Configuration A

1 vulnerable

Vulnerable Software	Affected Versions
Lesterchan Wp Postratings	Before 1.91.1

Related CWEs

CWE-290

Authentication Bypass by Spoofing

This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.

CWE-799

Improper Control of Interaction Frequency

The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.

References (2)

https://patchstack.com/database/vulnerability/wp-postratings/wordpress-wp-postratings-plugin-1-91-rating-limit-bypass-vulnerability?_s_id=cve

Source: audit@patchstack.com

Third Party Advisory

https://patchstack.com/database/vulnerability/wp-postratings/wordpress-wp-postratings-plugin-1-91-rating-limit-bypass-vulnerability?_s_id=cve

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.