CVE-2026-4301 | videowhisper Rate Star Review Vote Plugin up to 1.6.4 on WordPress AJAX vwrsr_review rating_id authorization

Inserito da Angelo Barbosa | Mag 12, 2026 | CVE

A vulnerability was found in videowhisper Rate Star Review Vote Plugin up to 1.6.4 on WordPress and classified as critical. The affected element is the function vwrsr_review of the component AJAX Handler. The manipulation of the argument rating_id results in missing authorization.

This vulnerability is known as CVE-2026-4301. It is possible to launch the attack remotely. No exploit is available.

CVE-2026-4301 | videowhisper Rate Star Review Vote Plugin up to 1.6.4 on WordPress AJAX vwrsr_review rating_id authorization

Post correlati

CVE-2023-52134 | Eyal Fitoussi GEO my Plugin up to 4.0.2 on WordPress sql injection

CVE-2024-21151 | Oracle Solaris Operating System 11 Filesystem denial of service

CVE-2025-0197 | code-projects Point of Sales and Inventory Management System 1.0 /user/search.php name sql injection

CVE-2024-46607 | Thecosy IceCMS up to 3.4.7 UserController.java loginAdmin username/password access control