Search Results | AttackerKB

5 Total Results

Displaying 1-5 of 5

Attacker Value

Unknown

CVE-2023-39305

Disclosure Date: December 13, 2024 (last updated December 18, 2024)

Missing Authorization vulnerability in YetAnotherStarsRating.com Yet Another Stars Rating allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Yet Another Stars Rating: from n/a through 3.4.3.

Attacker Value

Unknown

CVE-2023-37867

Disclosure Date: November 30, 2023 (last updated December 06, 2023)

Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plugin for WordPress: from n/a through 3.3.8.

Attacker Value

Unknown

CVE-2022-40699

Disclosure Date: March 16, 2023 (last updated November 08, 2023)

Cross-Site Scripting (XSS) vulnerability in Dario Curvino Yasr – Yet Another Stars Rating plugin <= 3.1.2 versions.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2022-23980

Disclosure Date: February 03, 2022 (last updated February 23, 2025)

Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'.

Attack Vector: Network Privileges: None User Interaction: Required

Attacker Value

Unknown

CVE-2015-9465

Disclosure Date: October 10, 2019 (last updated November 27, 2024)

The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.

Attack Vector: Network Privileges: Low User Interaction: None

5 Total Results

Displaying 1-5 of 5

Unknown

CVE-2023-39305

Unknown

CVE-2023-37867

Unknown

CVE-2022-40699

Unknown

CVE-2022-23980

Unknown

CVE-2015-9465

Quick Cookie Notification