Lucene search
HistoryNov 27, 2023 - 5:15 p.m.
CVE-2023-4642
wordpress
star ratings
race condition
vulnerability
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
17.8%
The kk Star Ratings WordPress plugin before 5.4.6 does not implement atomic operations, allowing one user vote multiple times on a poll due to a Race Condition.
Affected configurations
Node
kamalkhankk_star_ratingsRange<5.4.6wordpress
| Vendor | Product | Version | CPE |
|---|---|---|---|
| kamalkhan | kk_star_ratings | * | cpe:2.3:a:kamalkhan:kk_star_ratings:*:*:*:*:*:wordpress:*:* |
Related
prion
prion
Race condition
2023-11-27 17:15:00
cvelist
cvelist
CVE-2023-4642 kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition
2023-11-27 16:21:58
openvas
openvas
WordPress kk Star Ratings Plugin < 5.4.6 Race Condition Vulnerability
2023-11-29 00:00:00
wpvulndb
wpvulndb
kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition
2023-11-06 00:00:00
packetstorm
packetstorm
KK Star Ratings Race Condition
2024-03-05 00:00:00
wpexploit
wpexploit
kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition
2023-11-06 00:00:00
zdt
zdt
kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition Vulnerability
2024-03-05 00:00:00
exploitdb
exploitdb
kk Star Ratings < 5.4.6 - Rating Tampering via Race Condition
2024-03-05 00:00:00
cve
cve
CVE-2023-4642
2023-11-27 17:15:08
CVSS3
5.9
Attack Vector
NETWORK
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
EPSS
0.001
Percentile
17.8%
Related for NVD:CVE-2023-4642