186 matches found
Code injection
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page...
CVE-2018-5290
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page...
CVE-2018-5288
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page...
Directory traversal
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page...
CVE-2018-5286
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about page...
CVE-2018-5291
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page...
Code injection
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page...
CVE-2018-5293
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page...
CVE-2018-5289
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information page...
CVE-2018-5287
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-about page...
CVE-2018-5286
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about page...
CVE-2018-5288
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page...
CVE-2018-5292
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information page...
CVE-2018-5290
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page...
CVE-2018-5286
The WordPress GD Rating System plugin version 2.3 is affected by an XSS vulnerability in the gd-rating-system-about page, exploitable via the wp-admin/admin.php parameter. The CVE notes a cross-site scripting issue with I=P and Gained impact mainly on integrity, with no explicit exploit details p...
CVE-2018-5287
CVE-2018-5287 affects the WordPress GD Rating System plugin, version 2.3. A directory traversal flaw exists in the wp-admin/admin.php parameter for the gd-rating-system-about page, enabling an attacker to read arbitrary files on the server. Public CVSS metrics show base scores of 5.0 (NVD CVSS2) ...
CVE-2018-5289
The CVE-2018-5289 entry concerns WordPress GD Rating System plugin version 2.3, which exposes a Directory Traversal vulnerability in the wp-admin/admin.php parameter for the gd-rating-system-information page. The CNVD/OpenVAS records corroborate a traversal flaw that can enable reading arbitrary ...
CVE-2018-5290
The CVE-2018-5290 entry concerns WordPress GD Rating System plugin version 2.3, which suffers a directory traversal vulnerability in the gd-rating-system-transfer path via wp-admin/admin.php. This allows reading arbitrary files on the server (CNVD/OpenVAS details; CVSSv3 base 7.5, high). Patch st...
CVE-2018-5291
CVE-2018-5291 affects WordPress GD Rating System plugin v2.3. The vulnerability is a directory traversal flaw in the wp-admin/admin.php panel on the gd-rating-system-tools page, allowing potential reads of arbitrary files (as indicated by CNVD/NVD entries). NVD lists CVSS v3 base score 7.5 (HIGH)...
CVE-2018-5288
CVE-2018-5288 affects the WordPress GD Rating System plugin (version 2.3) for WordPress. The vulnerability is a Cross-Site Scripting (XSS) flaw exposed via the gd-rating-system-transfer page, specifically through a wp-admin/admin.php panel parameter. The connected sources confirm the affected plu...