Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
stars rating project stars rating vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2021-24893
The Stars Rating WordPress plugin prior to 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated.
Stars Rating Project Stars Rating
668
VMScore
CVE-2022-0657
The 5 Stars Rating Funnel WordPress Plugin | RRatingg WordPress plugin prior to 1.2.54 does not properly sanitise, validate and escape lead ids before using them in a SQL statement via the rrtngg_delete_leads AJAX action, available to unauthenticated users, leading to an unauthen...
5 Stars Rating Funnel Project 5 Stars Rating Funnel
NA
CVE-2023-37867
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plugin for WordPress: from n/a up to and including 3.3.8.
Yet Another Stars Rating Project Yet Another Stars Rating
578
VMScore
CVE-2015-9465
The yet-another-stars-rating plugin prior to 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.
Yet Another Stars Rating Project Yet Another Stars Rating
383
VMScore
CVE-2022-23980
Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'.
Yet Another Stars Rating Project Yet Another Stars Rating
NA
CVE-2022-40699
Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin <= 3.1.2 versions.
Yasr - Yet Another Stars Rating Project Yasr - Yet Another Stars Rating
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started