CVE-2015-9465

CVE-2015-9465

EPSS 1.9%

The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

http://cinu.pl/research/wp-plugins/mail_041b796c7533880df03a43895fed5f00.html https://wordpress.org/plugins/yet-another-stars-rating/#developers https://wpvulndb.com/vulnerabilities/8309