WordPress Plugin Vulnerabilities

GD Star Rating 1.9.22 - Cross-Site Request Forgery (CSRF)

Description

The gd-star-rating WordPress plugin was affected by a Cross-Site Request Forgery (CSRF) security vulnerability.

Affects Plugins

Plugin icon
gd-star-rating
No known fix

References

CVE
CVE-2014-2838
URL
https://packetstormsecurity.com/files/#125932/
URL
https://seclists.org/fulldisclosure/2014/Mar/399

Classification

Type
CSRF
OWASP top 10
A2: Broken Authentication and Session Management
CWE
CWE-352

Miscellaneous

Verified
No
WPVDB ID
05ba3249-3bee-47d5-80cc-596898b03dfd

Timeline

Publicly Published
2014-08-01 (about 11 years ago)
Added
2014-08-01 (about 11 years ago)
Last Updated
2019-10-21 (about 6 years ago)

Other

Published
Title
Published
2022-01-05
Title
SupportCandy < 2.2.7 - Arbitrary Ticket Deletion via CSRF
Published
2022-08-25
Title
Better Font Awesome < 2.0.2 - Settings Update via CSRF
Published
2024-05-24
Title
Pray For Me <= 1.0.4 - Settings Update via CSRF
Published
2021-07-28
Title
Post Index <= 0.7.5 - CSRF to Stored XSS
Published
2024-04-22
Title
Headline Analyzer < 1.3.4 - Cross-Site Request Forgery