VYPR

Wp Postratings (wordpress Plugin)

by Lesterchan

CVEs (7)

  • CVE-2024-39659Aug 1, 2024
    risk 0.00cvss epss 0.00

    Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Stored XSS.This issue affects WP-PostRatings: from n/a through 1.91.1.

  • CVE-2023-40332Jun 4, 2024
    risk 0.00cvss epss 0.00

    Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91.

  • CVE-2011-10006Apr 8, 2024
    risk 0.00cvss epss 0.00

    A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version…

  • CVE-2021-25117Jan 16, 2024
    risk 0.00cvss epss 0.00

    The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though the page is only accessible to administrators, and protected against CSRF…

  • CVE-2022-40130Nov 18, 2022
    risk 0.00cvss epss 0.00

    Auth. (subscriber+) Race Condition vulnerability in WP-Polls plugin <= 2.76.0 on WordPress.

  • CVE-2022-36422Sep 9, 2022
    risk 0.00cvss epss 0.00

    Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin <= 1.89 at WordPress.

  • CVE-2011-4646Nov 30, 2011
    risk 0.00cvss epss 0.02

    SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attribute of the ratings shortcode…