Vulnerabilities > CVE-2022-3343 - Unspecified vulnerability in 2Code Wpqa Builder 5.2/5.7/5.9

CVSS 3.5 - LOW

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

LOW

Confidentiality impact

NONE

Integrity impact

LOW

Availability impact

NONE

network

low complexity

2code

NVD

Published: 2023-01-09

Updated: 2023-11-07

Summary

The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them.

Vulnerable Configurations

Part	Description	Count
Application	2Code 2Code Wpqa Builder - 2Code Wpqa Builder 5.2 2Code Wpqa Builder 5.7 2Code Wpqa Builder 5.9	4

References

https://wpscan.com/vulnerability/e507b1b5-1a56-4b2f-b7e7-e22f6da1e32a