Blog

"Prevention is cheaper than a breach"

Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High0

Medium2

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-06-17

CVE-2021-25117 - Wp Postratings Plugin

The WP-PostRatings WordPress plugin before 1.86.1 does not sanitise the postratings_image parameter from its options page (wp-admin/admin.php?page=wp-postratings/postratings-options.php). Even though the page is only accessible to administrators, and protected against CSRF attacks, the issue is still exploitable when the unfiltered_html capability is disabled.

PLUGIN Wp Postratings

CVE-2021-25117

MEDIUM CVSS 4.8 2024-01-16

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2025-02-20

CVE-2022-36422 - Wp Postratings Plugin

Rating increase/decrease via race condition in Lester 'GaMerZ' Chan WP-PostRatings plugin

PLUGIN Wp Postratings

CVE-2022-36422

MEDIUM CVSS 4.3 2022-09-09