Lucene search
+L

72 matches found

Vulnrichment
Vulnrichment
added 2023/03/29 12:23 p.m.9 views

CVE-2022-47433 WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

7.1CVSS6.4AI score0.00382EPSS
Exploits0References1
Cvelist
Cvelist
added 2023/03/29 12:23 p.m.27 views

CVE-2022-47433 WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Scripting (XSS)

Unauth. Reflected Cross-Site Scripting vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

7.1CVSS6.7AI score0.00382EPSS
Exploits0References1
CVE
CVE
added 2023/03/29 12:23 p.m.49 views

CVE-2022-47433

CVE-2022-47433 affects the WordPress plugin Daniel Powney Multi Rating. Connected sources (Patchstack) indicate unauthenticated Cross-Site Scripting in Multi Rating versions ≤ 5.0.6, with CVSS ~7.1 (high). The initial entry lists versions ≤ 5.0.5 (unauthenticated XSS) but Patchstack expands this ...

7.1CVSS6.1AI score0.00382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/03/17 3:29 p.m.51 views

CVE-2022-46867

CVE-2022-46867 describes a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress feature/plugin named Universal Star Rating, affecting versions

8.8CVSS6.5AI score0.00271EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/03/16 9:15 a.m.5 views

CVE-2022-40699

Cross-Site Scripting XSS vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin = 3.1.2 versions...

6.1CVSS5.8AI score0.00384EPSS
Exploits0References1
OSV
OSV
added 2023/03/14 9:15 a.m.3 views

CVE-2022-47443

Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

8.8CVSS5.8AI score0.00326EPSS
Exploits0References1
NVD
NVD
added 2023/03/14 9:15 a.m.23 views

CVE-2022-47443

Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

8.8CVSS5.8AI score0.00326EPSS
Exploits0References1
Prion
Prion
added 2023/03/14 9:15 a.m.19 views

Cross site request forgery (csrf)

Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

6.8CVSS8.7AI score0.00326EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/14 8:26 a.m.10 views

CVE-2022-47443 WordPress Multi Rating Plugin <= 5.0.5 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in Daniel Powney Multi Rating plugin = 5.0.5 versions...

4.3CVSS8.8AI score0.00326EPSS
Exploits0References1
WPVulnDB
WPVulnDB
added 2023/02/02 12:0 a.m.22 views

Multi Rating < 5.0.6 - Ratings Deletion via CSRF

The plugin does not have CSRF check when deleting ratings, which could allow attackers to make logged in admins to perform such action via a CSRF attack...

8.8CVSS8.2AI score0.00326EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2023/02/02 12:0 a.m.4 views

WordPress Multi Rating Plugin <= 5.0.6 is vulnerable to Broken Access Control

Software Multi Rating Type Plugin Vulnerable versions = 5.0.6 Fixed in N/A OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-25053 Patch priority Low CVSS severity Low 5.3 Developer Claim ownership PSID 49ce4d920ef6 Credits minhtuanact Required privilege...

6.5AI score
Exploits0References1Affected Software1
NVD
NVD
added 2022/06/20 11:15 a.m.19 views

CVE-2021-25121

The Rating by BestWebSoft WordPress plugin before 1.6 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service on the post/page when a user submit such rating...

6.5CVSS0.01204EPSS
Exploits2References1
CNVD
CNVD
added 2022/06/15 12:0 a.m.47 views

WordPress Like Button Rating plugin Access Control Error Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. An access control error...

6.5CVSS6.4AI score0.0077EPSS
Exploits2References1
Patchstack
Patchstack
added 2022/02/28 12:0 a.m.11 views

WordPress Yet Another Stars Rating plugin < 3.0.2 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability

Toggle The Debug Mode via Cross-Site Request Forgery CSRF vulnerability discovered in WordPress Yet Another Stars Rating plugin versions 3.0.2. Solution Update the WordPress Yet Another Stars Rating plugin to the latest available version at least 3.0.2...

4.3AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2022/01/06 12:0 a.m.40 views

WordPress Stars Rating Plugin Denial of Service Vulnerability

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Stars Rating Plugin has a denial of service vulnerability in versions prior to 3.5.1, which stems from a failure ...

7.5CVSS2.6AI score0.01553EPSS
Exploits2References1
OSV
OSV
added 2022/01/03 1:15 p.m.4 views

CVE-2021-24893

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated...

7.5CVSS5.8AI score0.01553EPSS
Exploits2References1
CNNVD
CNNVD
added 2022/01/03 12:0 a.m.9 views

WordPress plugin Stars Rating 输入验证错误漏洞

WordPress is the WordPress Foundation's suite of blogging platforms developed using the PHP language. The platform supports personal blogging sites on PHP and MySQL servers. WordPress Stars Rating Plugin has a denial of service vulnerability in versions prior to 3.5.1, which stems from a failure ...

7.5CVSS5.7AI score0.01553EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/05/11 12:0 a.m.5 views

Kk Star Ratings 跨站脚本漏洞

kk-star-ratings is an application. Used to allow blog visitors to engage and interact with your site by rating posts. A cross-site scripting vulnerability exists in the Kk Star Ratings plugin prior to version 4.1.5...

6.1CVSS5.8AI score0.00685EPSS
Exploits0References2
Patchstack
Patchstack
added 2021/02/06 12:0 a.m.15 views

WordPress Like Button Rating plugin <= 2.6.31 - Unauthenticated Server-Side Request Forgery (SSRF) vulnerability

Unauthenticated Server-Side Request Forgery SSRF vulnerability found by Lauritz Holme in WordPress Like Button Rating plugin versions = 2.6.31. Solution Update the WordPress Like Button Rating plugin to the latest available version at least 2.6.32...

3AI score
Exploits0References2Affected Software1
CNVD
CNVD
added 2019/10/16 12:0 a.m.8 views

WordPress yet-another-stars-rating plugin SQL injection vulnerability

WordPress is a blogging platform developed by the WordPress Foundation using the PHP language. The platform supports personal blog sites on PHP and MySQL servers. yet-another-stars-rating is a rating plugin used in it. The WordPress yet-another-stars-rating plugin suffers from a SQL injection...

8.8CVSS8AI score0.01944EPSS
Exploits1References1
Rows per page
Query Builder