Dev4Press Gd Rating System vulnerabilities
3 known vulnerabilities affecting dev4press/gd_rating_system.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2026-42639P2CRITICALCVSS 9.3≥ n/a, ≤ 3.6.22026-06-15
CVE-2026-42639 [CRITICAL] CWE-89 CVE-2026-42639: Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions.
Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions.
nvd
CVE-2017-18591P4MEDIUMCVSS 6.1fixed in 2.12019-08-27
CVE-2017-18591 [MEDIUM] CWE-79 CVE-2017-18591: The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php.
The gd-rating-system plugin before 2.1 for WordPress has XSS in log.php.
nvd
CVE-2024-25093P4MEDIUMCVSS 6.1fixed in 3.5.12024-02-29
CVE-2024-25093 [MEDIUM] CWE-79 CVE-2024-25093: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD Rating System allows Stored XSS.This issue affects GD Rating System: from n/a through 3.5.
nvd