Lucene search
+L

49 matches found

prion
prion
added 2023/03/14 9:15 a.m.18 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

6.8CVSS8.7AI score0.00326EPSS
Exploits0References1Affected Software1
vulnrichment
vulnrichment
added 2023/03/14 8:26 a.m.10 views

CVE-2022-47443 WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

4.3CVSS8.8AI score0.00326EPSS
Exploits0References1
cve
cve
added 2023/03/14 8:26 a.m.50 views

CVE-2022-47443

CVE-2022-47443 pertains to the WordPress Multi Rating plugin (Daniel Powney)

8.8CVSS6.5AI score0.00326EPSS
Exploits0References1Affected Software1
ptsecurity
ptsecurity
added 2023/03/14 12:0 a.m.4 views

PT-2023-15319 · WordPress · Daniel Powney Multi Rating

Name of the Vulnerable Software and Affected Versions: Daniel Powney Multi Rating plugin versions = 5.0.5 Description: The issue is related to a Cross-Site Request Forgery CSRF vulnerability. This means an attacker could potentially trick a user into performing unintended actions on a web...

8.8CVSS8.4AI score0.00326EPSS
Exploits0References4
cnnvd
cnnvd
added 2023/03/14 12:0 a.m.6 views

WordPress Plugin Daniel Powney Multi Rating 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. WordPress Plugin Daniel...

8.8CVSS7.8AI score0.00326EPSS
Exploits0References2
patchstack
patchstack
added 2023/02/14 12:0 a.m.14 views

WordPress Multi Rating Plugin <= 5.0.6 is vulnerable to Cross Site Scripting (XSS)

Software Multi Rating Type Plugin Vulnerable versions = 5.0.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-47433 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID dedf07346191 Credits minhtuanact Required...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References1Affected Software1
patchstack
patchstack
added 2023/02/02 12:0 a.m.3 views

WordPress Multi Rating Plugin <= 5.0.6 is vulnerable to Broken Access Control

Software Multi Rating Type Plugin Vulnerable versions = 5.0.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25053 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 49ce4d920ef6 Credits minhtuanact Required privilege...

6.5AI score
Exploits0References1Affected Software1
patchstack
patchstack
added 2023/02/02 12:0 a.m.9 views

WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Request Forgery (CSRF)

Software Multi Rating Type Plugin Vulnerable versions = 5.0.5 Fixed in 5.0.6 OWASP Top 10 A5: Broken Access Control Classification Cross Site Request Forgery CSRF CVE CVE-2022-47443 Patch priority Low CVSS severity Low 4.3 Developer Claim ownership PSID 1dcbbd6b8544 Credits rezaduty Required...

8.8CVSS6.6AI score0.00326EPSS
Exploits0References1Affected Software1
wpvulndb
wpvulndb
added 2023/02/02 12:0 a.m.22 views

Multi Rating < 5.0.6 - Ratings Deletion via CSRF

The plugin does not have CSRF check when deleting ratings, which could allow attackers to make logged in admins to perform such action via a CSRF attack...

8.8CVSS8.2AI score0.00326EPSS
Exploits0Affected Software1
Rows per page
Query Builder