Yet Another Stars Rating <= 3.3.8 is vulnerable to Race Condition vulnerability

Unauthenticated

Published
2023-07-09

The Yet Another Stars Rating plugin for WordPress is vulnerable to vote tampering in versions up to, and including, 3.3.8. This vulnerability can be utilized by unauthenticated users to vote repeatedly.

CVE

https://www.cve.org/CVERecord?id=CVE-2023-37867

CVSS

Score:3.7

Severity:Low

Version: 3.3.8

There is a patch available in v3.3.9 and we strongly recommend you update to this version as soon as possible.