Multi Rating <= 5.0.6 – Admin+ Stored XSS | CVE 2023-32130

Affects Plugins

multi-rating

No known fix

References

CVE

CVE-2023-32130

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

3.5 (low)

Miscellaneous

Original Researcher

yuyudhn

Verified

No

WPVDB ID

97374acd-42a5-46c0-a975-2ee5d1dfaed5

Timeline

Publicly Published

2023-05-04 (about 3 years ago)

Added

2023-08-21 (about 2 years ago)

Last Updated

2023-08-21 (about 2 years ago)

Other

Published

Title

Published

2025-04-24

Title

Blog Manager WP <= 1.0.5 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

2014-08-01

Title

WP Clone by WP Academy <= 2.1.1 - XSS in ZeroClipboard

Published

2024-05-06

Title

WPCS ( WordPress Custom Search ) <= 1.1 - Authenticated (Administrator+) Stored Cross-Site Scripting

Published

2024-10-28

Title

Ninja Forms < 3.8.18 - Admin+ Stored XSS

Published

2022-03-07

Title

Interactive Medical Drawing of Human Body < 2.6 - Admin+ Stored XSS