2 results (0.001 seconds)

CVSS: 4.0EPSS: 0%CPEs: 65EXPL: 0

A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. • https://github.com/wp-plugins/wp-postratings/commit/6182a5682b12369ced0becd3b505439ce2eb8132 https://github.com/wp-plugins/wp-postratings/commit/dcc68d03693152eba14d6fb33ba42528ff60e06a https://github.com/wp-plugins/wp-postratings/releases/tag/1.65 https://vuldb.com/?ctiid.259629 https://vuldb.com/?id.259629 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 0

SQL injection vulnerability in wp-stats.php in GaMerZ WP-Stats 2.0 allows remote attackers to execute arbitrary SQL commands via the author parameter. • http://osvdb.org/ref/22/22450-wpstats.txt http://secunia.com/advisories/18471 http://www.lesterchan.net/blogs http://www.lesterchan.net/blogs/archives/2006/01/18/wp-stats-sql-injection-vulnerability http://www.osvdb.org/22450 http://www.securityfocus.com/bid/16241 http://www.vupen.com/english/advisories/2006/0192 https://exchange.xforce.ibmcloud.com/vulnerabilities/24163 •