CVE-2023-40332

CRITICAL Year: 2023
CVSS v3 Score
9.8
Critical
Weakness Type
CWE-799
View all →

Vulnerability Description

Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91.

Related Vulnerabilities

CVE-2024-48942

CRITICAL
CVSS:9.1(Critical)

The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidati...

CWE-7992024

CVE-2021-41177

HIGH
CVSS:8.1(High)

Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any com...

CWE-7992021

CVE-2024-48942

CRITICAL
CVSS:9.1(Critical)

The Syracom Secure Login (2FA) plugin for Jira, Confluence, and Bitbucket through 3.1.4.5 allows remote attackers to easily brute-force the 2FA PIN via the plugins/servlet/twofactor/public/pinvalidati...

CWE-7992024

CVE-2021-41177

HIGH
CVSS:8.1(High)

Nextcloud is an open-source, self-hosted productivity platform. Prior to versions 20.0.13, 21.0.5, and 22.2.0, Nextcloud Server did not implement a database backend for rate-limiting purposes. Any com...

CWE-7992021

CVE-2021-32705

HIGH
CVSS:7.5(High)

Nextcloud Server is a Nextcloud package that handles data storage. In versions prior to 19.0.13, 20.011, and 21.0.3, there was a lack of ratelimiting on the public DAV endpoint. This may have allowed ...

CWE-7992021

CVE-2023-35621

HIGH
CVSS:7.5(High)

Microsoft Dynamics 365 Finance and Operations Denial of Service Vulnerability

CWE-7992023