Lucene search
K

2839 matches found

EUVD
EUVD
added 2026/05/12 9:31 a.m.9 views

EUVD-2026-29393

The Rate Star Review Vote - AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. The vwrsrreview AJAX handler lacks both capability checks and nonce verification. The only access control is an isuserloggedin check...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References8
Cvelist
Cvelist
added 2026/05/12 7:48 a.m.38 views

CVE-2026-4301 Rate Star Review Vote <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification via 'rating_id' Parameter

The Rate Star Review Vote - AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. The vwrsrreview AJAX handler lacks both capability checks and nonce verification. The only access control is an isuserloggedin check...

4.3CVSS0.00271EPSS
Exploits0References7
CVE
CVE
added 2026/05/12 7:48 a.m.13 views

CVE-2026-4301

The CVE-2026-4301 entry documents a vulnerability in the WordPress plugin Rate Star Review Vote (versions up to 1.6.4). The vwrsr_review() AJAX handler lacks proper capability checks and nonce verification, relying only on is_user_logged_in(). When form is set to 'update', an attacker-supplied ra...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References7
Vulnrichment
Vulnrichment
added 2026/05/12 7:48 a.m.7 views

CVE-2026-4301 Rate Star Review Vote <= 1.6.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Post Modification via 'rating_id' Parameter

The Rate Star Review Vote - AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. The vwrsrreview AJAX handler lacks both capability checks and nonce verification. The only access control is an isuserloggedin check...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References7
Positive Technologies
Positive Technologies
added 2026/05/12 12:0 a.m.17 views

PT-2026-39948

The Rate Star Review Vote - AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Missing Authorization in all versions up to and including 1.6.4. The vwrsr review AJAX handler lacks both capability checks and nonce verification. The only access control is an is user logged in...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References8
CNNVD
CNNVD
added 2026/05/12 12:0 a.m.13 views

WordPress plugin Rate Star Review Vote - AJAX Reviews, Votes, Star Ratings 安全漏洞

WordPress, among others, is a product of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. Effect is a software package used for adding image effects. Aaron Update is a product developed by Aaron, the individual developer behind the project. Update is a...

4.3CVSS5.8AI score0.00271EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/05/01 9:14 a.m.8 views

WordPress YASR – Yet Another Star Rating Plugin for WordPress plugin <= 3.4.12 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Yet Another Stars Rating versions = 3.4.12...

6.1CVSS5.8AI score0.00276EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2026/04/29 11:32 a.m.4 views

WordPress GD Rating System plugin <= 3.6.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Doan Dinh Van in WordPress Plugin GD Rating System versions = 3.6.2...

5.9AI score0.00283EPSS
Exploits0Affected Software1
GithubExploit
GithubExploit
added 2026/04/21 12:15 p.m.92 views

BuildReview2

BuildReview2 - Attack-Path-Driven Windows Host Review A rewri...

5.8AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/15 12:0 a.m.11 views

tomcat10-10.1.54-1.1 on GA media (moderate)

tomcat10-10.1.54-1.1 on GA media Announcement ID: openSUSE-SU-2026:10548-1 Rating: moderate Cross-References: CVE-2026-24880 CVE-2026-25854 CVE-2026-29129 CVE-2026-29145 CVE-2026-29146 CVE-2026-32990 CVE-2026-34483 CVE-2026-34486 CVE-2026-34487 CVE-2026-34500 CVSS scores: CVE-2026-24880 SUSE : 4....

8.7CVSS6.8AI score0.21691EPSS
Exploits8
OPENSUSE Linux
OPENSUSE Linux
added 2026/04/02 12:0 a.m.4 views

dnsdist-2.0.3-1.1 on GA media (moderate)

dnsdist-2.0.3-1.1 on GA media Announcement ID: openSUSE-SU-2026:10473-1 Rating: moderate Cross-References: CVE-2026-0396 CVE-2026-24028 CVE-2026-24030 CVE-2026-27854 CVSS scores: CVE-2026-0396 SUSE : 3.1 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N CVE-2026-0396 SUSE : 2.1...

6.3CVSS5.9AI score0.01028EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/25 12:0 a.m.5 views

pnpm-10.32.1-1.1 on GA media (moderate)

pnpm-10.32.1-1.1 on GA media Announcement ID: openSUSE-SU-2026:10410-1 Rating: moderate Cross-References: CVE-2026-24842 CVSS scores: CVE-2026-24842 SUSE : 7.5 CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N CVE-2026-24842 SUSE : 8.7 CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N...

8.7CVSS6.6AI score0.00541EPSS
Exploits1
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/03/24 12:48 p.m.7 views

Malicious code in yelp-react-component-rating (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 027bbca928c4c1696f388fbb2ac0ac3a7c74a29db1a6bb76b5c7431759c27421 The package yelp-react-component-rating was found to contain malicious code. Source: ghsa-malware...

5.8AI score
Exploits0References1
OPENSUSE Linux
OPENSUSE Linux
added 2026/03/08 12:0 a.m.3 views

coredns-1.14.2-1.1 on GA media (moderate)

coredns-1.14.2-1.1 on GA media Announcement ID: openSUSE-SU-2026:10297-1 Rating: moderate Cross-References: CVE-2026-26017 CVE-2026-26018 Affected Products: openSUSE Tumbleweed An update that solves 2 vulnerabilities can now be installed. Description: These are all security issues fixed in the...

7.7CVSS5.8AI score0.01093EPSS
Exploits1
Packet Storm News
Packet Storm News
added 2026/03/06 12:0 a.m.4 views

Supporting Artifact Evaluation with LLMs: A Study with Published Security Research Papers

Artifact Evaluation AE is essential for ensuring the transparency and reliability of research, closing the gap between exploratory work and real-world deployment is particularly important in cybersecurity, particularly in IoT and CPSs, where large-scale, heterogeneous, and privacy-sensitive data...

5.9AI score
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/13 12:0 a.m.5 views

build-20260202-2.1 on GA media (moderate)

build-20260202-2.1 on GA media Announcement ID: openSUSE-SU-2026:10183-1 Rating: moderate Cross-References: CVE-2024-22038 CVSS scores: CVE-2024-22038 SUSE : 7.3 CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:L/I:H/A:H CVE-2024-22038 SUSE : 6.8 CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:A/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N...

7.3CVSS5.5AI score0.00209EPSS
Exploits0
OPENSUSE Linux
OPENSUSE Linux
added 2026/02/03 12:0 a.m.5 views

Security update for the Linux Kernel (important)

openSUSE security update: security update for the linux kernel ------------------------------------------------------------- Announcement ID: openSUSE-SU-2026:20145-1 Rating: important References: bsc1205462 bsc1214285 bsc1243112 bsc1245193 bsc1247500 bsc1250388 bsc1252046 bsc1252861 bsc1253155...

8.5CVSS5.9AI score
Exploits0References238
Vulnrichment
Vulnrichment
added 2026/01/21 4:26 p.m.7 views

CVE-2026-20045 Cisco Unified Communications Products Remote Code Execution Vulnerability

A vulnerability in Cisco Unified Communications Manager Unified CM, Cisco Unified Communications Manager Session Management Edition Unified CM SME, Cisco Unified Communications Manager IM & Presence Service Unified CM IM&P, Cisco Unity Connection, and Cisco Webex Calling Dedicated Instance could...

8.2CVSS6.6AI score0.04307EPSS
Exploits1References1
GithubExploit
GithubExploit
added 2026/01/21 12:45 p.m.175 views

Exploit for CVE-2025-69459

CVE-2025-69459 – Movie Rating System 1.0 Broken Access C...

5.4AI score
Exploits0
GithubExploit
GithubExploit
added 2026/01/21 12:43 p.m.157 views

Exploit for CVE-2025-69458

CVE-2025-69458 – Movie Rating System 1.0 SQLi to...

5.5AI score
Exploits0
Rows per page
Query Builder