CVE-2023-36528
WordPress kk Star Ratings plugin <= 5.4.3 - Rate Manipulation due to IP Spoofing VulnerabilityMissing Authorization vulnerability in FeedbackWP kk Star Ratings allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects kk Star Ratings: from n/a through 5.4.3.
We have discovered 7,647 live websites that are affected by CVE-2023-36528.
Affected Software
| Product |  kk Star Ratings |
| Category | Wordpress Plugins |
| Vulnerable Domains | 7,647 live websites (25.22% of kk Star Ratings install base) |
| Vulnerable Versions |
|
| Vulnerable Versions Count | 51 versions ( 72.86% of all versions) |
Common Weakness Enumeration
CWE-862 Missing AuthorizationDetails
- Published - Dec 13, 2024
- Updated - Dec 13, 2024
Credits
- Mika (Patchstack Alliance) (finder)
CWE
CVE References
CWE References
CVE-2023-36528 usage by Country
 United States | 1,878 websites |
 Vietnam | 1,620 websites |
 France | 755 websites |
 Germany | 536 websites |
 Poland | 467 websites |
 Iran | 365 websites |
 Russia | 361 websites |
 Spain | 281 websites |
 Slovakia | 102 websites |
 Israel | 99 websites |
CVE-2023-36528 usage by TLD
| .com | 2,948 websites |
| .net | 427 websites |
| .pl | 407 websites |
| .ru | 368 websites |
| .fr | 316 websites |
| .de | 194 websites |
| .org | 187 websites |
| .es | 149 websites |
| .com.br | 115 websites |
| .info | 99 websites |
Vulnerable Versions
Vulnerable versions are highlighted in redWebsites affected by CVE-2023-36528
Top websites that are affected by CVE-2023-36528. Please click on the "Contact us" link to get more information.| Domain | Country | Rank | Contacts |
|---|---|---|---|
| ****.com | United States | *,*** | |
| *******************.ro |  Romania | **,*** | |
| **************.org | United States | **,*** | |
| *******.com | United States | **,*** | |
| **********.com |  GB | **,*** | |
| *****.dk | United States | **,*** | |
| **************.com | Spain | **,*** | |
| ******.net | Vietnam | **,*** | |
| ********.***.vn | Vietnam | **,*** | |
| *********.com | United States | ***,*** |
FAQ
CVE-2023-36528 is Missing Authorization in kk Star Ratings
A total of 7,647 websites have been identified as vulnerable to CVE-2023-36528, discovered through global website indexing conducted by WebTechSurvey.
kk Star Ratings is susceptible to CVE-2023-36528 vulnerability.
kk Star Ratings versions before, and including, 5.4.3 are vulnerable to CVE-2023-36528.