Vulnerabilities > YET Another Stars Rating Project
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-11-30 | CVE-2023-37867 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YET Another Stars Rating Project YET Another Stars Rating Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plugin for WordPress: from n/a through 3.3.8. | 8.1 |
| 2022-02-04 | CVE-2022-23980 | Cross-site Scripting vulnerability in YET Another Stars Rating Project YET Another Stars Rating Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'. | 6.1 |
| 2019-10-10 | CVE-2015-9465 | SQL Injection vulnerability in YET Another Stars Rating Project YET Another Stars Rating The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter. | 8.8 |