Vulnerabilities (CVE)

Filtered by vendor Yet Another Stars Rating Project Subscribe
Filtered by product Yet Another Stars Rating
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-37867 1 Yet Another Stars Rating Project 1 Yet Another Stars Rating 2024-11-21 N/A 3.7 LOW
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plugin for WordPress: from n/a through 3.3.8.
CVE-2022-23980 1 Yet Another Stars Rating Project 1 Yet Another Stars Rating 2024-11-21 4.3 MEDIUM 4.7 MEDIUM
Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'.
CVE-2015-9465 1 Yet Another Stars Rating Project 1 Yet Another Stars Rating 2024-11-21 6.5 MEDIUM 8.8 HIGH
The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.