CVE-2023-39305

Published Dec 13, 2024

Last updated 5 months ago

CVSS medium 5.3

Overview

Description
Missing Authorization vulnerability in YetAnotherStarsRating.com Yet Another Stars Rating allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yet Another Stars Rating: from n/a through 3.4.3.
Source
audit@patchstack.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
5.3
Impact score
1.4
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N
Severity
MEDIUM

Weaknesses

audit@patchstack.com
CWE-862

Social media

Hype score
Not currently trending

  1. CVE-2023-39305 (Published: 2024-12-13) affects the Yet Another Stars Rating plugin (version 3.4.3) due to a broken access control vulnerability. Users are urged to update to the latest version to mitigate risks. For more details, visit: https://t.co/70w386iWXp #WordPress… https:/

    @transilienceai

    16 Dec 2024

    20 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚨 CVE-2023-39305 (Published: 2024-12-13) - A critical vulnerability in the "Yet Another Stars Rating" plugin for WordPress (versions affected: 3.4.3). 🛠️ Remediation is crucial! Update to the latest version to protect your site. More info: https://t.co/70w386iWXp #WordPress… ht

    @transilienceai

    16 Dec 2024

    30 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  3. CVE-2023-39305 Missing Authorization vulnerability in https://t.co/6HKyhssO5W Yet Another Stars Rating allows Exploiting Incorrectly Configured Access Control Security Levels.This… https://t.co/WMhP9SKNmt

    @CVEnew

    14 Dec 2024

    574 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  4. 🚨 CVE-2023-39305 (Published: 2024-12-13) - A broken access control vulnerability found in the "Yet Another Stars Rating" plugin (v3.4.3). Users are urged to update to the latest version to mitigate risks. More details: https://t.co/70w386iWXp #WordPress #Security

    @transilienceai

    14 Dec 2024

    14 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. 🚨 CVE-2023-39305 | Published: 2024-12-13 🚨 A critical vulnerability in the "Yet Another Stars Rating" plugin (v3.4.3) for WordPress has been identified. This broken access control issue can be exploited. 🛠️ Remediation: Update to the latest version immediately! More info:… htt

    @transilienceai

    14 Dec 2024

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References

Sources include official advisories and independent security research.