The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower. Rated low severity (CVSS 3.1), this vulnerability is remotely exploitable. Public exploit code available and no vendor patch available.
Race Condition
WordPress
Information Disclosure
Anycomment
NVD
WPScan
CVSS 3.1
3.1
EPSS
0.5%