9.8
CVE-2023-40332
- EPSS 0.63%
- Published 04.06.2024 08:15:09
- Last modified 03.04.2025 00:27:22
- Source audit@patchstack.com
WP-PostRatings <= 1.91 - IP Spoofing
Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse. This issue affects WP-PostRatings: from n/a through 1.91.
Possible countermeasure
WP-PostRatings: Update to version 1.91.1, or a newer patched version
Linked by AI from unstructured data to existing NVD CPEs
Further vulnerability information
System: WordPress Plugin ≫ Product: WP-PostRatings, Version: *-1.91
Data provided by the National Vulnerability Database (NVD)
Lesterchan ≫ Wp-postratings, SwPlatform: wordpress, Version < 1.91.1
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.63% | 0.695 |
| Source | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 9.8 | 3.9 | 5.9 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
| audit@patchstack.com | 5.3 | 3.9 | 1.4 | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N |
CWE-290 Authentication Bypass by Spoofing
This attack-focused weakness is caused by incorrectly implemented authentication schemes that are subject to spoofing attacks.
CWE-799 Improper Control of Interaction Frequency
The product does not properly limit the number or frequency of interactions that it has with an actor, such as the number of incoming requests.