Medium severity4.7NVD Advisory· Published Feb 4, 2022· Updated Jun 17, 2026
CVE-2022-23980
CVE-2022-23980
Description
Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <=2.9.9
- Dario Curvino/Yasr – Yet Another Stars Rating (WordPress plugin)v5Range: <= 2.9.9
Patches
Vulnerability mechanics
References
2- patchstack.com/database/vulnerability/yet-another-stars-rating/wordpress-yasr-yet-another-stars-rating-plugin-2-9-9-cross-site-scripting-xss-vulnerabilitynvdThird Party Advisory
- wordpress.org/plugins/yet-another-stars-rating/nvdRelease NotesThird Party Advisory
News mentions
0No linked articles in our index yet.