Drew Jones

**Name of the Vulnerable Software and Affected Versions** The Rating by BestWebSoft WordPress plugin versions prior to 1.6 **Description** The issue allows submission of a long integer as a rating, causing a Denial of Service on the post/page when such a rating is submitted. This occurs due to the lack of validation of the submitted rating. **Recommendations** For versions prior to 1.6, update to version 1.6 or later to resolve the issue. As a temporary workaround, consider implementing input validation for ratings to prevent the submission of long integers.

**Name of the Vulnerable Software and Affected Versions** The Stars Rating WordPress plugin versions prior to 3.5.1 **Description** The issue allows submission of a long integer, causing a Denial of Service in the comments section or pending comment dashboard, depending on whether the user sent it as unauthenticated or authenticated. This occurs because the plugin does not validate the submitted rating. **Recommendations** For versions prior to 3.5.1, update to version 3.5.1 or later to resolve the issue. As a temporary workaround, consider restricting access to the comments section and pending comment dashboard to minimize the risk of exploitation.

Name of the Vulnerable Software and Affected Versions: Reviews Plus WordPress plugin versions prior to 1.2.14 Description: The issue allows submission of a long integer as a rating, causing a Denial of Service in the review section when an authenticated user submits such a rating and the reviews are set to be displayed on the post/page. Recommendations: For versions prior to 1.2.14, update to version 1.2.14 or later to resolve the issue.