2019-10-10 16:01:50
mitre
PUBLISHED
The yet-another-stars-rating plugin before 0.9.1 for WordPress has yasr_get_multi_set_values_and_field SQL injection via the set_id parameter.