Vulnerabilities > YET Another Stars Rating Project > YET Another Stars Rating > 2.9.6

DATE	CVE	VULNERABILITY TITLE	RISK
2023-11-30	CVE-2023-37867	Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YET Another Stars Rating Project YET Another Stars Rating Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plugin for WordPress: from n/a through 3.3.8. network high complexity yet-another-stars-rating-project CWE-367	8.1
2022-02-04	CVE-2022-23980	Cross-site Scripting vulnerability in YET Another Stars Rating Project YET Another Stars Rating Cross-Site Scripting (XSS) vulnerability discovered in Yasr – Yet Another Stars Rating WordPress plugin (versions <= 2.9.9), vulnerable at parameter 'source'. network low complexity yet-another-stars-rating-project CWE-79	6.1

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.