Moc

moc

2 CVEs • 2 products

Products (2)

Click to collapse

Toggle

CVEs (2)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-8052 1Moc 1Review Ratings Jun 17, 2026 Sep 17, 2024 N/A· v4 6.1 MEDIUM· v3 N/A· v2 The Review Ratings WordPress plugin through 1.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a...Show more The Review Ratings WordPress plugin through 1.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.Show less
CVE-2024-8051 1Moc 1Special Feed Items Jun 17, 2026 Sep 17, 2024 N/A· v4 5.4 MEDIUM· v3 N/A· v2 The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads...Show more The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack.Show less

CVE

VENDORS

PRODUCTS

UPDATED

PUBLISHED

CVSS

CVE-2024-8052

1Moc

1Review Ratings

Jun 17, 2026

Sep 17, 2024

N/A· v4

6.1 MEDIUM· v3

N/A· v2

The Review Ratings WordPress plugin through 1.6 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a...Show more

CVE-2024-8051

1Moc

1Special Feed Items

Jun 17, 2026

Sep 17, 2024

N/A· v4

5.4 MEDIUM· v3

N/A· v2

The Special Feed Items WordPress plugin through 1.0.1 does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads...Show more