Yet Another Stars Rating
by WordPress
Source repositories
CVEs (4)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2015-9465 | Hig | 0.57 | 8.8 | 0.02 | Oct 10, 2019 | The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter. | ||
| CVE-2022-40699 | Med | 0.35 | 5.4 | 0.00 | Mar 16, 2023 | Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin <= 3.1.2 versions. | ||
| CVE-2023-39305 | Med | 0.34 | 5.3 | 0.00 | Dec 13, 2024 | Missing Authorization vulnerability in Dash Labs Yet Another Stars Rating yet-another-stars-rating allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yet Another Stars Rating: from n/a through <= 3.4.3. | ||
| CVE-2022-23980 | Med | 0.31 | 4.7 | 0.01 | Feb 4, 2022 | Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'. |
- risk 0.57cvss 8.8epss 0.02
The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.
- risk 0.35cvss 5.4epss 0.00
Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin <= 3.1.2 versions.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Dash Labs Yet Another Stars Rating yet-another-stars-rating allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yet Another Stars Rating: from n/a through <= 3.4.3.
- risk 0.31cvss 4.7epss 0.01
Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'.