VYPR

Yet Another Stars Rating

by WordPress

Source repositories

CVEs (4)

  • CVE-2015-9465HigOct 10, 2019
    risk 0.57cvss 8.8epss 0.02

    The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.

  • CVE-2022-40699MedMar 16, 2023
    risk 0.35cvss 5.4epss 0.00

    Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin <= 3.1.2 versions.

  • CVE-2023-39305MedDec 13, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Dash Labs Yet Another Stars Rating yet-another-stars-rating allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yet Another Stars Rating: from n/a through <= 3.4.3.

  • CVE-2022-23980MedFeb 4, 2022
    risk 0.31cvss 4.7epss 0.01

    Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'.