Vulnerabilities > 2Code > Wpqa Builder > 5.7
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-09 | CVE-2022-3343 | Unspecified vulnerability in 2Code Wpqa Builder 5.2/5.7/5.9 The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them. | 3.5 |
2022-11-21 | CVE-2022-3688 | Unspecified vulnerability in 2Code Wpqa Builder 5.2/5.7 The WPQA Builder WordPress plugin before 5.9 does not have CSRF check when following and unfollowing users, which could allow attackers to make logged in users perform such actions via CSRF attacks | 8.8 |