CVE-2024-32685

🗓️ 17 May 2024 08:59:35Reported by PatchstackType

Client-Side Enforcement of Server-Side Security vulnerability in Wpmet Wp Ultimate Review allows Functionality Bypass. Affecting version: n/a through 2.2.

Reporter	Title	Published	Views	Family All 12
CNNVD	WordPress plugin Wp Ultimate Review 安全漏洞	17 May 202400:00	–	cnnvd
Cvelist	CVE-2024-32685 WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability	17 May 202408:59	–	cvelist
EUVD	EUVD-2024-30472	3 Oct 202520:07	–	euvd
NVD	CVE-2024-32685	17 May 202409:15	–	nvd
OSV	CVE-2024-32685	17 May 202409:15	–	osv
Patchstack	WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability	17 Apr 202414:18	–	patchstack
Patchstack	WordPress Wp Ultimate Review Plugin <= 2.2.5 is vulnerable to Bypass Vulnerability	17 Apr 202400:00	–	patchstack
Positive Technologies	PT-2024-24771 · Unknown · Wp Ultimate Review	17 May 202400:00	–	ptsecurity
RedhatCVE	CVE-2024-32685	23 May 202508:34	–	redhatcve
Vulnrichment	CVE-2024-32685 WordPress WP Ultimate Review plugin <= 2.2.5 - Review Score Manipulation vulnerability	17 May 202408:59	–	vulnrichment

NVD

Vulners

Vulnrichment

Node

wpmet wp_ultimate_reviewRange<2.3.0wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "wp-ultimate-review",
    "product": "Wp Ultimate Review",
    "vendor": "Wpmet",
    "versions": [
      {
        "changes": [
          {
            "at": "2.3.0",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "2.2.5",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/wp-ultimate-review/wordpress-wp-ultimate-review-plugin-2-2-5-review-score-manipulation-vulnerability

17 Jun 2026 07:30Current

6.8Medium risk

Vulners AI Score6.8

CVSS 3.15.3

EPSS0.00388

SSVC

CWE-602