Lucene search

CVE-2022-40699

🗓️ 16 Mar 2023 09:09:15Reported by PatchstackType

Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugi

Reporter	Title	Published	Views	Family All 6
NVD	CVE-2022-40699	16 Mar 202309:15	–	nvd
Patchstack	WordPress Yet Another Stars Rating Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)	3 Mar 202300:00	–	patchstack
Vulnrichment	CVE-2022-40699 WordPress Yet Another Stars Rating Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)	16 Mar 202308:57	–	vulnrichment
WPVulnDB	Yet Another Stars Rating < 3.1.3 - Subscriber+ Stored XSS	3 Mar 202300:00	–	wpvulndb
Cvelist	CVE-2022-40699 WordPress Yet Another Stars Rating Plugin <= 3.1.2 is vulnerable to Cross Site Scripting (XSS)	16 Mar 202308:57	–	cvelist
Prion	Cross site scripting	16 Mar 202309:15	–	prion

Nvd

Vulners

Node

yasr_-_yet_another_stars_rating_project yasr_-_yet_another_stars_ratingRange≤3.1.2wordpress

[
  {
    "collectionURL": "https://wordpress.org/plugins",
    "defaultStatus": "unaffected",
    "packageName": "yet-another-stars-rating",
    "product": "Yasr – Yet Another Stars Rating",
    "vendor": "Dario Curvino",
    "versions": [
      {
        "changes": [
          {
            "at": "3.1.3",
            "status": "unaffected"
          }
        ],
        "lessThanOrEqual": "3.1.2",
        "status": "affected",
        "version": "n/a",
        "versionType": "custom"
      }
    ]
  }
]

Source	Link
patchstack	www.patchstack.com/database/vulnerability/yet-another-stars-rating/wordpress-yasr-yet-another-stars-rating-plugin-3-1-2-xss-arbitrary-shortcode-execution-vulnerability

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

16 Mar 2023 09:15Current

5.6Medium risk

Vulners AI Score5.6

CVSS35.4 - 6.1

EPSS0.00342

SSVC

CWE-79