Lack of Preventing Multiple Follows to the Same Profile ID

Lines of code Vulnerability details Impact The absence of a check for multiple follows to the same profile ID poses a significant security and integrity risk for the smart contract. By exploiting this vulnerability, a malicious user could inflate the number of followers for a particular profile I...

PT-2023-13313 · WordPress · Wpqa Builder

Name of the Vulnerable Software and Affected Versions: WPQA Builder WordPress plugin versions prior to 5.9.3 Description: The issue arises from incorrect validation in the wpqa following you ajax action, allowing a user to inflate their score by receiving repeated follow actions from another user...

CVE-2022-3688

The WPQA Builder WordPress plugin before 5.9 does not have CSRF check when following and unfollowing users, which could allow attackers to make logged in users perform such actions via CSRF attacks...

X (Formerly Twitter): Periscope iOS app CSRF in follow action due to deeplink

Summary This issue is mainly in the Periscope iOS app against CSRF follow action using deeplink. as the report 583987 the CSRF work on iOS app POC 1 QR code to follow periscope profile pscp://user/periscopeco/follow ███████ POC2 by kunal94 /follow"CSRF DEMO video █████████ Impact CSRF Follow...