VYPR

Wp Postratings Cheater

by WordPress

Source repositories

CVEs (2)

  • CVE-2021-25117MedJan 16, 2024
    risk 0.31cvss 4.8epss 0.00

    The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though the page is only accessible to administrators, and protected against CSRF…

  • CVE-2025-27328MedFeb 24, 2025
    risk 0.28cvss 4.3epss 0.00

    Cross-Site Request Forgery (CSRF) vulnerability in queeez WP-PostRatings Cheater wp-postratings-cheater allows Cross Site Request Forgery.This issue affects WP-PostRatings Cheater: from n/a through <= 1.5.