We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.

Please see our statement on Data Privacy.

Crisp.chat (Helpdesk and Chat)

Ok

THREATINT
PUBLISHED

CVE-2011-10006

GamerZ WP-PostRatings wp-postratings.php cross site scripting



Description

EN DE

A vulnerability was found in GamerZ WP-PostRatings up to 1.64. It has been classified as problematic. This affects an unknown part of the file wp-postratings.php. The manipulation leads to cross site scripting. It is possible to initiate the attack remotely. Upgrading to version 1.65 is able to address this issue. The identifier of the patch is 6182a5682b12369ced0becd3b505439ce2eb8132. It is recommended to upgrade the affected component. The identifier VDB-259629 was assigned to this vulnerability.

Es wurde eine Schwachstelle in GamerZ WP-PostRatings bis 1.64 ausgemacht. Sie wurde als problematisch eingestuft. Betroffen hiervon ist ein unbekannter Ablauf der Datei wp-postratings.php. Durch das Manipulieren mit unbekannten Daten kann eine cross site scripting-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff über das Netzwerk. Ein Aktualisieren auf die Version 1.65 vermag dieses Problem zu lösen. Der Patch wird als 6182a5682b12369ced0becd3b505439ce2eb8132 bezeichnet. Als bestmögliche Massnahme wird das Einspielen eines Upgrades empfohlen.

Reserved 2024-04-07 | Published 2024-04-08 | Updated 2024-08-07 | Assigner VulDB


LOW: 3.5CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
LOW: 3.5CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:L/A:N
4.0AV:N/AC:L/Au:S/C:N/I:P/A:N

Problem types

CWE-79 Cross Site Scripting

Product status

1.0
affected

1.1
affected

1.2
affected

1.3
affected

1.4
affected

1.5
affected

1.6
affected

1.7
affected

1.8
affected

1.9
affected

1.10
affected

1.11
affected

1.12
affected

1.13
affected

1.14
affected

1.15
affected

1.16
affected

1.17
affected

1.18
affected

1.19
affected

1.20
affected

1.21
affected

1.22
affected

1.23
affected

1.24
affected

1.25
affected

1.26
affected

1.27
affected

1.28
affected

1.29
affected

1.30
affected

1.31
affected

1.32
affected

1.33
affected

1.34
affected

1.35
affected

1.36
affected

1.37
affected

1.38
affected

1.39
affected

1.40
affected

1.41
affected

1.42
affected

1.43
affected

1.44
affected

1.45
affected

1.46
affected

1.47
affected

1.48
affected

1.49
affected

1.50
affected

1.51
affected

1.52
affected

1.53
affected

1.54
affected

1.55
affected

1.56
affected

1.57
affected

1.58
affected

1.59
affected

1.60
affected

1.61
affected

1.62
affected

1.63
affected

1.64
affected

Timeline

2011-02-17:Advisory disclosed
2011-02-17:Countermeasure disclosed
2024-04-07:VulDB entry created
2024-04-07:VulDB entry last update

Credits

VulDB GitHub Commit Analyzer tool

References

vuldb.com/?id.259629 (VDB-259629 | GamerZ WP-PostRatings wp-postratings.php cross site scripting) vdb-entry

vuldb.com/?ctiid.259629 (VDB-259629 | CTI Indicators (IOB, IOC, TTP, IOA)) signature permissions-required

github.com/...ommit/dcc68d03693152eba14d6fb33ba42528ff60e06a patch

github.com/...ommit/6182a5682b12369ced0becd3b505439ce2eb8132 patch

github.com/wp-plugins/wp-postratings/releases/tag/1.65 patch

cve.org (CVE-2011-10006)

nvd.nist.gov (CVE-2011-10006)

Download JSON

Share this page
https://cve.threatint.com/CVE/CVE-2011-10006

Support options

Helpdesk Chat, Email, Knowledgebase
Subscribe to our newsletter to learn more about our work.

© Copyright 2025 THREATINT
Made in Cyprus with +
 System status
Find us on
Data Privacy
Terms of Use
Logo BSI Allianz für Cyber-Sicherheit
Error loading Crisp.chat. Please check your web content filter and browser plugins.