RCE in Lesterchan Wp-postratings

CVE-2011-4646

SQL injection vulnerability in wp-postratings.php in the WP-PostRatings plugin 1.50, 1.61, and probably other versions before 1.62 for WordPress allows remote authenticated users with the Author role to execute arbitrary SQL commands via t…

Vulnerability class: RCE (Remote Code Execution)

EPSS: 0.016 (73.3th percentile) — read the EPSS interpretation.

Affected products

Weakness classification (CWE)

Public proof-of-concept exploits

References

Frequently asked questions

What is CVE-2011-4646?
CVE-2011-4646 is a vulnerability in Lesterchan Wp-postratings, classified under Code Injection. Published 2011-11-30.
Is CVE-2011-4646 known to be exploited?
1 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.