4 matches found
CVE-2024-13392
The Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperreviews' shortcode in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied...
CVE-2024-13392
creationtimestamp| type| source ---|---|--- 2025-01-18 07:57:14+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/2277 2025-01-18 08:15:47+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lfyul7vc462f 2025-01-18 08:44:18+00:00| seen|...
CVE-2024-13392
CVE-2024-13392 affects the Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin for WordPress. The vulnerability is Stored XSS via the videowhisper_reviews shortcode in versions up to 1.6.3, requiring authenticated access (contributor+). Wordfence and RH Red Hat records confirm the is...
CVE-2024-13392 Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'videowhisperreviews' shortcode in all versions up to, and including, 1.6.3 due to insufficient input sanitization and output escaping on user supplied...