3 matches found
CVE-2022-3343 WPQA < 5.9.3 - Missing validation lead to functionality abuse
The WPQA Builder WordPress plugin before 5.9.3 which is a companion plugin used with Discy and Himer Discy WordPress themes incorrectly tries to validate that a user already follows another in the wpqafollowingyouajax action, allowing a user to inflate their score on the site by having another us...
CVE-2022-3343
The CVE-2022-3343 entry concerns the WPQA Builder WordPress plugin (pre-5.9.3) used with Discy/Himer themes. Affected component: wpqa_following_you_ajax action. Root cause: insufficient validation to verify if a user already follows another, enabling exploitation by having another user repeatedly...
CVE-2022-3343 WPQA < 5.9.3 - Missing validation lead to functionality abuse
The WPQA Builder WordPress plugin before 5.9.3 which is a companion plugin used with Discy and Himer Discy WordPress themes incorrectly tries to validate that a user already follows another in the wpqafollowingyouajax action, allowing a user to inflate their score on the site by having another us...