CVE-2021-24893

CVE-2021-24893: Stars Rating < 3.5.1 - Comments Denial of Service

Vendor Unknown
Product Stars Rating
Weakness CWE-400
Published January 3, 2022
Last update August 3, 2024

CVSS base score

What the vulnerability does

01Description

The Stars Rating WordPress plugin before 3.5.1 does not validate the submitted rating, allowing submission of long integer, causing a Denial of Service in the comments section, or pending comment dashboard depending if the user sent it as unauthenticated or authenticated.

Key dates

02Disclosure timeline

January 3, 2022 CVE published
August 3, 2024 Record updated