Update the WordPress Yet Another Stars Rating plugin to the latest available version (at least 1.8.7).
Paul Dannewitz discovered and reported this PHP Object Injection vulnerability in WordPress Yet Another Stars Rating Plugin. This could allow a malicious actor to execute code injection, SQL injection, path traversal, denial of service, and more. This could allow a malicious actor to take-over a website. This vulnerability has been fixed in version 1.8.7.
Toggle The Debug Mode via CrossSite Request Forgery (CSRF) vulnerability
28.02.2022
Sensitive Information Disclosure vulnerability
28.02.2022
CrossSite Scripting (XSS) vulnerability
03.02.2022
Blind SQL Injection
06.07.2015