Headline
CVE-2023-37867: WordPress Yasr – Yet Another Stars Rating plugin <= 3.3.8 - Race Condition vulnerability - Patchstack
Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in YetAnotherStarsRating.Com YASR – Yet Another Star Rating Plugin for WordPress.This issue affects YASR – Yet Another Star Rating Plugin for WordPress: from n/a through 3.3.8.
Solution
Update to fix
Update the WordPress Yet Another Stars Rating plugin to the latest available version (at least 3.3.9).
Found this useful? Thank Abdi Pranata for reporting this vulnerability. Buy a coffee ☕
Abdi Pranata discovered and reported this Race Condition vulnerability in WordPress Yet Another Stars Rating Plugin. This vulnerability has been fixed in version 3.3.9.
Other vulnerabilities in this plugin
0 present
9 patched
View all
WordPress plugin developer?
Start a free security program for your WordPress plugins or request an audit.
Apply for MVDP
Security researcher?
Report to Patchstack Alliance bounty platform and earn monthly cash prizes.
Learn more