WordPress CBX 5 Star Rating & Review plugin <= 1.0.7 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Julian Chibuike Nwadinobi Wackydawg - streamio in WordPress Plugin CBX 5 Star Rating & Review versions = 1.0.7...

CVE-2026-6864

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

EUVD-2014-2864

Malware in sbrugna...

EUVD-2021-11805

Malware in sbrugna...

EUVD-2014-4528

Malware in sbrugna...

EUVD-2014-2863

Malware in sbrugna...

EUVD-2022-50205

Malicious code in bioql PyPI...

EUVD-2023-41741

Malicious code in bioql PyPI...

EUVD-2022-43970

Malicious code in bioql PyPI...

EUVD-2023-36393

Malicious code in bioql PyPI...

EUVD-2023-36398

Malicious code in bioql PyPI...

EUVD-2022-50195

Malicious code in bioql PyPI...

CVE-2023-32125

Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.6 versions...

CVE-2023-32130

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Daniel Powney Multi Rating plugin = 5.0.6 versions...

CVE-2021-24893

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated...

CVE-2025-39527

Deserialization of Untrusted Data vulnerability in bestweblayout Rating by BestWebSoft rating-bws allows Object Injection.This issue affects Rating by BestWebSoft: from n/a through = 1.7...

WordPress plugin Rating by BestWebSoft 代码问题漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...

WordPress Simple Rating plugin <= 1.4 - Cross Site Request Forgery (CSRF) to Stored XSS vulnerability

Cross Site Request Forgery CSRF to Stored XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Simple Rating versions = 1.4...

CVE-2025-27303 WordPress Contact Form 7 Star Rating plugin <= 1.10 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in themelogger Contact Form 7 Star Rating contact-form-7-star-rating allows Stored XSS.This issue affects Contact Form 7 Star Rating: from n/a through = 1.10...

CVE-2022-47433

Unauth. Reflected Cross-Site Scripting vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...