7 matches found
CVE-2026-57771
CVE-2026-57771 concerns the WordPress plugin for Milan Petrovic’s GD Rating System. Connected sources confirm the vulnerability as a SQL Injection flaw in the GD Rating System plugin, affecting versions up to 3.7 (<=3.7). The root cause is improper neutralization of inputs used in SQL commands...
CVE-2026-57771 WordPress GD Rating System plugin <= 3.7 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Milan Petrovic GD Rating System gd-rating-system allows Blind SQL Injection.This issue affects GD Rating System: from n/a through = 3.7...
EUVD-2017-9704
Malware in sbrugna...
CVE-2017-18591
The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php...
Design/Logic Flaw
The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php...
CVE-2018-5289
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information page...
CVE-2018-5291
CVE-2018-5291 affects WordPress GD Rating System plugin v2.3. The vulnerability is a directory traversal flaw in the wp-admin/admin.php panel on the gd-rating-system-tools page, allowing potential reads of arbitrary files (as indicated by CNVD/NVD entries). NVD lists CVSS v3 base score 7.5 (HIGH)...