71 matches found
CVE-2026-12560
The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
CVE-2026-12560
The Editorial Rating – Product Review & Rating System plugin for WordPress (versions up to 4.0.5) is vulnerable to Stored Cross-Site Scripting via the Link URL field due to insufficient input sanitization and output escaping. Authenticated attackers with administrator-level access can store a pay...
EUVD-2026-40251
The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...
WordPress CBX 5 Star Rating & Review plugin <= 1.0.7 - Reflected Cross-Site Scripting vulnerability
Reflected Cross-Site Scripting vulnerability discovered by Julian Chibuike Nwadinobi Wackydawg - streamio in WordPress Plugin CBX 5 Star Rating & Review versions = 1.0.7...
CVE-2026-6864
The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
EUVD-2014-2864
Malware in sbrugna...
EUVD-2014-4528
Malware in sbrugna...
EUVD-2014-2863
Malware in sbrugna...
EUVD-2021-11805
Malware in sbrugna...
EUVD-2023-36398
Malicious code in bioql PyPI...
EUVD-2023-36393
Malicious code in bioql PyPI...
EUVD-2022-50195
Malicious code in bioql PyPI...
EUVD-2022-43970
Malicious code in bioql PyPI...
EUVD-2023-41741
Malicious code in bioql PyPI...
EUVD-2022-50205
Malicious code in bioql PyPI...
CVE-2023-32125
Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.6 versions...
CVE-2023-32130
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Daniel Powney Multi Rating plugin = 5.0.6 versions...
CVE-2021-24893
The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated...
CVE-2025-39527
Deserialization of Untrusted Data vulnerability in bestweblayout Rating by BestWebSoft rating-bws allows Object Injection.This issue affects Rating by BestWebSoft: from n/a through = 1.7...
WordPress plugin Rating by BestWebSoft 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...