CVE-2023-51667

Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post – WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post – WP Rating System: from n/a through 3.4.2.

CVSS v3 5.3 MEDIUM

5.3^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 3.9 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-wp-rating-system-plugin-3-4-2-broken-access-control-vulnerability?_s_id=cve	Third Party Advisory
https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-wp-rating-system-plugin-3-4-2-broken-access-control-vulnerability?_s_id=cve	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:blazzdev:rate_my_post:*:*:*:*:*:wordpress:*:*

History

No history.

Information

Published : 2024-06-04 13:15

Updated : 2025-05-29 20:21

NVD link : CVE-2023-51667

Mitre link : CVE-2023-51667

CVE.ORG link : CVE-2023-51667

JSON object : View

Products Affected

blazzdev

rate_my_post

CWE

CWE-290

Authentication Bypass by Spoofing

{"id": "CVE-2023-51667", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 1.4, "exploitabilityScore": 3.9}, {"type": "Primary", "source": "[email protected]", "cvssData": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8.2, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:N", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}, "impactScore": 4.2, "exploitabilityScore": 3.9}]}, "published": "2024-06-04T13:15:50.500", "references": [{"url": "https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-wp-rating-system-plugin-3-4-2-broken-access-control-vulnerability?_s_id=cve", "tags": ["Third Party Advisory"], "source": "[email protected]"}, {"url": "https://patchstack.com/database/vulnerability/rate-my-post/wordpress-rate-my-post-wp-rating-system-plugin-3-4-2-broken-access-control-vulnerability?_s_id=cve", "tags": ["Third Party Advisory"], "source": "af854a3a-2127-422b-91ae-364da2661108"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "[email protected]", "description": [{"lang": "en", "value": "CWE-290"}]}], "descriptions": [{"lang": "en", "value": "Authentication Bypass by Spoofing vulnerability in FeedbackWP Rate my Post \u2013 WP Rating System allows Accessing Functionality Not Properly Constrained by ACLs.This issue affects Rate my Post \u2013 WP Rating System: from n/a through 3.4.2."}, {"lang": "es", "value": "Vulnerabilidad de omisi\u00f3n de autenticaci\u00f3n mediante falsificaci\u00f3n en FeedbackWP Rate my Post \u2013 WP Rating System permite acceder a la funcionalidad no restringida adecuadamente por las ACL. Este problema afecta a Rate my Post \u2013 WP Rating System: desde n/a hasta 3.4.2."}], "lastModified": "2025-05-29T20:21:02.553", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:blazzdev:rate_my_post:*:*:*:*:*:wordpress:*:*", "vulnerable": true, "matchCriteriaId": "4C35A52B-7B8D-44CA-BA7F-CB9F26833397", "versionEndExcluding": "3.4.3"}], "operator": "OR"}]}], "sourceIdentifier": "[email protected]"}