Back
WordPress Yet Another Stars Rating plugin <= 1.8.6 - PHP Object Injection vulnerability
- Product
- Yet Another Stars Rating
- Description
- PHP Object Injection vulnerability found by Paul Dannewitz in WordPress Yet Another Stars Rating plugin (versions <= 1.8.6).
- Solution
- Update the WordPress Yet Another Stars Rating plugin to the latest available version (at least 1.8.7).
- Classification
-
Type PHP Object Injection
OWASP Top 10 A1: Injection
- References
-
Plugin changelog
- CVE
- Name CVE-N/A
- Versions
-
Affected In
<= 1.8.6
Fixed In 1.8.7
- Disclosure date
- 2019-01-28
- Credits
- Paul Dannewitz
- Submitter
- ThreatPress