71 matches found

NVD
added 4 days ago | 10 views

CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVSS 4.4 | EPSS 0.0024
Exploits 0 | References 9

CVE
added 4 days ago | 11 views

CVE-2026-12560

The Editorial Rating – Product Review & Rating System plugin for WordPress (versions up to 4.0.5) is vulnerable to Stored Cross-Site Scripting via the Link URL field due to insufficient input sanitization and output escaping. Authenticated attackers with administrator-level access can store a pay...

CVSS 4.4 | AI score 5.9 | EPSS 0.0024
Exploits 0 | References 9

EUVD
added 4 days ago | 6 views

EUVD-2026-40251

The Editorial Rating – Product Review & Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'Link URL' Field in all versions up to, and including, 4.0.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

CVSS 4.4 | AI score 5.9 | EPSS 0.0024
Exploits 0 | References 9

Patchstack
added 2026/05/25 7:32 a.m. | 17 views

WordPress CBX 5 Star Rating & Review plugin <= 1.0.7 - Reflected Cross-Site Scripting vulnerability

Reflected Cross-Site Scripting vulnerability discovered by Julian Chibuike Nwadinobi Wackydawg - streamio in WordPress Plugin CBX 5 Star Rating & Review versions <= 1.0.7...

CVSS 6.1 | AI score 5.8 | EPSS 0.00264
Exploits 0 | References 1 | Affected Software 1

ATTACKERKB
added 2026/05/22 3:39 a.m. | 10 views

CVE-2026-6864

The CBX 5 Star Rating & Review plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'page' parameter in all versions up to, and including, 1.0.7 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVSS 6.1 | AI score 6 | EPSS 0.00264
Exploits 0 | References 6

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2014-2864

Malware in sbrugna...

CVSS 7.5 | AI score 6.4 | EPSS 0.01641
Exploits 0 | References 4

EUVD
added 2025/10/07 12:30 a.m. | 3 views

EUVD-2014-4528

Malware in sbrugna...

CVSS 4.3 | AI score 6.4 | EPSS 0.01629
Exploits 1 | References 2

EUVD
added 2025/10/07 12:30 a.m. | 7 views

EUVD-2014-2863

Malware in sbrugna...

CVSS 6.8 | AI score 6.4 | EPSS 0.01014
Exploits 1 | References 5

EUVD
added 2025/10/07 12:30 a.m. | 5 views

EUVD-2021-11805

Malware in sbrugna...

CVSS 7.5 | AI score 7.4 | EPSS 0.01553
Exploits 2 | References 2

EUVD
added 2025/10/03 8:7 p.m. | 4 views

EUVD-2023-36398

Malicious code in bioql PyPI...

CVSS 5.9 | AI score 6.5 | EPSS 0.00369
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2023-36393

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 9.1 | EPSS 0.00315
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-50195

Malicious code in bioql PyPI...

CVSS 7.1 | AI score 7 | EPSS 0.00382
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2022-43970

Malicious code in bioql PyPI...

CVSS 6.1 | AI score 6.3 | EPSS 0.00384
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 6 views

EUVD-2023-41741

Malicious code in bioql PyPI...

CVSS 8.1 | AI score 8 | EPSS 0.00405
Exploits 0 | References 1

EUVD
added 2025/10/03 8:7 p.m. | 5 views

EUVD-2022-50205

Malicious code in bioql PyPI...

CVSS 8.8 | AI score 8.6 | EPSS 0.00326
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 5:10 a.m. | 8 views

CVE-2023-32125

Cross-Site Request Forgery (CSRF) vulnerability in Daniel Powney Multi Rating plugin = 5.0.6 versions...

CVSS 8.8 | AI score 8.5 | EPSS 0.00315
Exploits 0 | References 1

RedhatCVE
added 2025/05/23 2:49 a.m. | 4 views

CVE-2023-32130

Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Daniel Powney Multi Rating plugin = 5.0.6 versions...

CVSS 5.9 | AI score 5.2 | EPSS 0.00369
Exploits 0 | References 1

RedhatCVE
added 2025/05/22 9:5 p.m. | 6 views

CVE-2021-24893

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated...

CVSS 7.5 | AI score 6.9 | EPSS 0.01553
Exploits 2 | References 1

RedhatCVE
added 2025/04/25 4:3 p.m. | 10 views

CVE-2025-39527

Deserialization of Untrusted Data vulnerability in bestweblayout Rating by BestWebSoft rating-bws allows Object Injection. This issue affects Rating by BestWebSoft: from n/a through = 1.7...

CVSS 8.8 | AI score 7.2 | EPSS 0.00383
Exploits 0 | References 1

CNNVD
added 2025/04/17 12:0 a.m. | 5 views

WordPress plugin Rating by BestWebSoft code issue vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A code issue vulnerability exists i...

CVSS 8.8 | AI score 8.7 | EPSS 0.00383
Exploits 0 | References 1