CVE-2022-40310 | HackTesting

Authenticated (subscriber+) Race Condition vulnerability in Rate my Post – WP Rating System plugin <= 3.3.4 at WordPress allows attackers to increase/decrease votes.

Credits

Vulnerability discovered by Nguy Minh Tuan (Patchstack Alliance)

References

https://wordpress.org/plugins/rate-my-post/#developers

https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-wp-rating-system-plugin-3-3-4-race-condition-vulnerability/_s_id=cve