23 matches found
EUVD-2006-3760
Malware in sbrugna...
EUVD-2025-29843
Malicious code in bioql PyPI...
EUVD-2023-3309
Malicious code in bioql PyPI...
EUVD-2022-15453
Malicious code in bioql PyPI...
CVE-2025-8942
The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value (e.g., sending negative or out-of-range values) by intercepting and modifying requests...
CVE-2025-8942 WP Hotel Booking < 2.2.3 - Subscriber+ Rating Manipulation
The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server-side validation for review ratings, allowing an attacker to manipulate the rating value (e.g., sending negative or out-of-range values) by intercepting and modifying requests...
CVE-2025-8942
Summary (CVE-2025-8942): The WP Hotel Booking WordPress plugin (versions prior to 2.2.3) contains a server-side input-validation flaw in review ratings that lets an attacker modify rating values by intercepting requests. Public references and Red Hat advisories confirm the issue and indicate a pa...
PT-2025-38300
Name of the Vulnerable Software and Affected Versions WP Hotel Booking WordPress plugin versions prior to 2.2.3 Description The WP Hotel Booking WordPress plugin does not perform adequate server-side validation of review ratings. This allows an attacker to modify the rating value by intercepting...
WordPress plugin WP Hotel Booking security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security...
CVE-2025-9811
A vulnerability was found in Campcodes Farm Management System 1.0. This affects an unknown part of the file /reviewInput.php. Performing manipulation of the argument rating results in SQL injection. The attack is possible to be carried out remotely. The exploit has been made public and could be...
CVE-2022-0279
The AnyComment WordPress plugin before 0.2.18 is affected by a race condition when liking/disliking a comment/reply, which could allow any authenticated user to quickly raise their rating or lower the rating of other users...
Bykea: Lack of Feedback Validation Permits Arbitrary Driver Ratings
The vulnerability discovered by @bugbountywithmarco in Bykea's feedback system allowed authenticated passengers to submit feedback for drivers they had not actually ridden with. The exploit was limited to trips the attacker legitimately owned, and each trip could only affect one driver rating at ...
WordPress WP Post Author plugin <= 3.6.4 - Rating Value Manipulation vulnerability
Rating Value Manipulation vulnerability discovered by Kyle Sanchez Patchstack Alliance in WordPress Plugin WP Post Author versions <= 3.6.4...
CVE-2023-6835
Multiple WSO2 products have been identified as vulnerable due to lack of server-side input validation in the Forum feature, API rating could be manipulated...
CVE-2023-6835
WSO2 API Manager is identified as vulnerable due to lack of server-side input validation in the Forum feature, which could allow manipulation of API ratings. The issue is documented across multiple sources (including CVE-2023-6835 and related advisories) with no explicit exploit details provided ...
PT-2023-32784 · Wso2 · Wso2
Name of the Vulnerable Software and Affected Versions: WSO2 products affected versions not specified Description: The issue is related to a lack of server-side input validation in the Forum feature, which could allow API rating manipulation. Recommendations: At the moment, there is no information...
CVE-2022-45842
Unauth. Race Condition vulnerability in WP ULike Plugin <= 4.6.4 on WordPress allows attackers to increase/decrease rating scores...
WordPress plugin WP Ulike security vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability...