3 matches found
KK Star Ratings Race Condition
Exploit Title: kk Star Ratings Extensions Turbo Intruder Send to turbo intruder. 5- Drop the initial request and turn Intercept off. 6- In the Turbo Intruder window, add "%s" to the end of the connection header e.g. "Connection: close %s". 7- Use the code examples/race.py. 8- Click "Attack" at th...
CVE-2023-4642 kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition
The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition...
CVE-2023-4642
Summary of CVE-2023-4642 (kk Star Ratings WordPress plugin) : The vulnerability affects the kk Star Ratings WordPress plugin versions prior to 5.4.6. The root cause is a race condition stemming from the plugin not implementing atomic operations, which can allow a single user to submit multiple vo...