CVE-2018-5288 – GD Rating System <= 2.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-5288
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page. El plugin GD Rating System 2.3 para WordPress tiene Cross-Site Scripting (XSS) mediante el parámetro panel en wp-admin/admin.php para la página gd-rating-system-transfer. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system https://wpvulndb.com/vulnerabilities/8995 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-5290 – GD Rating System <= 2.3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2018-5290
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-transfer page. El plugin GD Rating System 2.3 para WordPress tiene una vulnerabilidad de salto de directorio en el parámetro panel en wp-admin/admin.php para la página gd-rating-system-transfer. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system https://wpvulndb.com/vulnerabilities/8995 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2018-5293 – GD Rating System <= 2.3 - Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-5293
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-system-tools page. El plugin GD Rating System 2.3 para WordPress tiene Cross-Site Scripting (XSS) mediante el parámetro panel en wp-admin/admin.php para la página gd-rating-system-tools. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system https://wpvulndb.com/vulnerabilities/8995 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2018-5291 – GD Rating System <= 2.3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2018-5291
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-tools page. El plugin GD Rating System 2.3 para WordPress tiene una vulnerabilidad de salto de directorio en el parámetro panel en wp-admin/admin.php para la página gd-rating-system-tools. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system https://wpvulndb.com/vulnerabilities/8995 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •
CVE-2018-5287 – GD Rating System <= 2.3 - Directory Traversal
https://notcve.org/view.php?id=CVE-2018-5287
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the gd-rating-system-about page. El plugin GD Rating System 2.3 para WordPress tiene una vulnerabilidad de salto de directorio en el parámetro panel en wp-admin/admin.php para la página gd-rating-system-about. • https://github.com/d4wner/Vulnerabilities-Report/blob/master/gd-rating-system.md https://wordpress.org/support/topic/xss-lfi-bugs-at-the-latest-version-of-gd-rating-system https://wpvulndb.com/vulnerabilities/8995 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •