Unrated severityNVD Advisory· Published Jan 9, 2023· Updated Apr 9, 2025
WPQA < 5.9.3 - Missing validation lead to functionality abuse
CVE-2022-3343
Description
The WPQA Builder WordPress plugin before 5.9.3 (which is a companion plugin used with Discy and Himer Discy WordPress themes) incorrectly tries to validate that a user already follows another in the wpqa_following_you_ajax action, allowing a user to inflate their score on the site by having another user send repeated follow actions to them.
Affected products
1Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
1- wpscan.com/vulnerability/e507b1b5-1a56-4b2f-b7e7-e22f6da1e32amitreexploitvdb-entrytechnical-description
News mentions
0No linked articles in our index yet.