CVE-2024-39659
- EPSS 0.22%
- Veröffentlicht 01.08.2024 22:15:27
- Zuletzt bearbeitet 31.03.2025 18:22:48
Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Stored XSS.This issue affects WP-PostRatings: from n/a through 1.91.1.
CVE-2023-40332
- EPSS 0.63%
- Veröffentlicht 04.06.2024 08:15:09
- Zuletzt bearbeitet 03.04.2025 00:27:22
Improper Control of Interaction Frequency vulnerability in Lester ‘GaMerZ’ Chan WP-PostRatings allows Functionality Misuse.This issue affects WP-PostRatings: from n/a through 1.91.
CVE-2011-10006
- EPSS 0.07%
- Veröffentlicht 08.04.2024 13:15:07
- Zuletzt bearbeitet 11.04.2025 12:51:20
A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack r...
CVE-2021-25117
- EPSS 0.15%
- Veröffentlicht 16.01.2024 16:15:09
- Zuletzt bearbeitet 17.06.2025 14:15:26
The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though the page is only accessible to administrators, and...
- EPSS 0.32%
- Veröffentlicht 30.11.2011 19:55:00
- Zuletzt bearbeitet 11.04.2025 00:51:21
SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via the id attri...