Lucene search
+L

5 matches found

redhatcve
redhatcve
added 2025/02/05 1:39 a.m.6 views

CVE-2024-11977

The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.6AI score0.00637EPSS
Exploits0References1
nvd
nvd
added 2024/12/21 6:15 a.m.20 views

CVE-2024-11977

The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS0.00637EPSS
Exploits0References2
circl
circl
added 2024/12/21 5:33 a.m.9 views

CVE-2024-11977

creationtimestamp| type| source ---|---|--- 2024-12-21 05:33:07+00:00| seen| https://infosec.exchange/users/cve/statuses/113689178079591745 2024-12-21 06:15:42+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3ldsasqi2z525 2024-12-21 07:48:24+00:00| seen|...

7.3CVSS8.7AI score0.00637EPSS
Exploits0References3
vulnrichment
vulnrichment
added 2024/12/21 5:31 a.m.7 views

CVE-2024-11977 kk Star Ratings – Rate Post & Collect User Feedbacks <= 5.4.10 - Unauthenticated Arbitrary Shortcode Execution

The The kk Star Ratings – Rate Post & Collect User Feedbacks plugin for WordPress is vulnerable to arbitrary shortcode execution in all versions up to, and including, 5.4.10. This is due to the software allowing users to execute an action that does not properly validate a value before running...

7.3CVSS7.8AI score0.00637EPSS
Exploits0References2
cve
cve
added 2024/12/21 5:31 a.m.67 views

CVE-2024-11977

CVE-2024-11977 concerns the kk Star Ratings – Rate Post & Collect User Feedbacks WordPress plugin. The WordPress plugin is vulnerable to arbitrary shortcode execution in all versions up to and including 5.4.10 due to unvalidated input passed to do_shortcode, enabling unauthenticated attackers to ...

7.3CVSS7.6AI score0.00637EPSS
Exploits0References2
Rows per page
Query Builder