VYPR

Gd Rating System

by WordPress

Source repositories

CVEs (13)

  • CVE-2026-42639CriJun 15, 2026
    risk 0.60cvss 9.3epss 0.00

    Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions.

  • CVE-2018-5291HigJan 8, 2018
    risk 0.49cvss 7.5epss 0.04

    The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.

  • CVE-2018-5290HigJan 8, 2018
    risk 0.49cvss 7.5epss 0.04

    The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.

  • CVE-2018-5289HigJan 8, 2018
    risk 0.49cvss 7.5epss 0.04

    The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-information page.

  • CVE-2018-5287HigJan 8, 2018
    risk 0.49cvss 7.5epss 0.04

    The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-about page.

  • CVE-2024-25093HigFeb 29, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5.

  • CVE-2017-18591MedAug 27, 2019
    risk 0.40cvss 6.1epss 0.01

    The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php.

  • CVE-2018-5293MedJan 8, 2018
    risk 0.40cvss 6.1epss 0.01

    The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page.

  • CVE-2018-5292MedJan 8, 2018
    risk 0.40cvss 6.1epss 0.01

    The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-information page.

  • CVE-2018-5288MedJan 8, 2018
    risk 0.40cvss 6.1epss 0.01

    The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page.

  • CVE-2018-5286MedJan 8, 2018
    risk 0.40cvss 6.1epss 0.01

    The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-about page.

  • CVE-2024-11198MedNov 19, 2024
    risk 0.35cvss 6.4epss 0.00

    The GD Rating System plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘extra_class’ parameter in all versions up to, and including, 3.6.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,…

  • CVE-2024-38709MedJul 12, 2024
    risk 0.34cvss 5.3epss 0.01

    Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') vulnerability in Milan Petrovic GD Rating System allows PHP Local File Inclusion.This issue affects GD Rating System: from n/a through 3.6.