Severity by source
AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Unauthenticated network-reachable SQLi (AV:N/AC:L/PR:N/UI:N); scope changes to DB authority (S:C); read-only injection per source (C:H, I:N), with query-based A:L.
Primary rating from Vendor (Patchstack).
CVSS VectorVendor: Patchstack
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:L
Lifecycle Timeline
2DescriptionCVE.org
Unauthenticated SQL Injection in GD Rating System <= 3.6.2 versions.
AnalysisAI
Unauthenticated SQL injection in the GD Rating System WordPress plugin (versions <= 3.6.2) allows remote attackers to inject arbitrary SQL queries against the WordPress database without any authentication or user interaction. The flaw carries a CVSS 3.1 score of 9.3 with scope change, indicating database tampering can affect resources beyond the plugin itself. No public exploit identified at time of analysis, and the vulnerability is not currently listed in CISA KEV.
Technical ContextAI
GD Rating System is a WordPress plugin developed by Dev4Press (CPE: cpe:2.3:a:dev4press:gd_rating_system) that provides post and content rating functionality. The vulnerability falls under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), meaning user-supplied input is concatenated into SQL statements without proper parameterization or escaping. In WordPress plugin contexts, this typically arises in AJAX endpoints, REST routes, or front-end form handlers where rating IDs, post IDs, or filter parameters are passed directly to $wpdb queries. The CVSS scope change (S:C) signal indicates that successful exploitation impacts the underlying WordPress database - a security authority distinct from the plugin component itself.
RemediationAI
Patch status from the supplied data is ambiguous - no exact fix version is named in the input, so treat this as: patch availability not independently confirmed from provided references; consult the Patchstack advisory at https://patchstack.com/database/wordpress/plugin/gd-rating-system/vulnerability/wordpress-gd-rating-system-plugin-3-6-2-sql-injection-vulnerability and the Dev4Press plugin page on wordpress.org for a version newer than 3.6.2. If a fixed release is unavailable, deactivate and remove the GD Rating System plugin (rating widgets will disappear from posts), or place the site behind a WAF with WordPress-aware SQLi signatures (Wordfence, Patchstack mu-plugin, Cloudflare Managed Ruleset) accepting that custom rating parameters may need allowlist tuning. As a stop-gap, restrict access to the plugin's AJAX/REST endpoints (typically under /wp-admin/admin-ajax.php with plugin-specific actions, or /wp-json/) via web server rules, understanding this may break legitimate front-end rating submissions.
More in Gd Rating System
View allThe GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the
The GD Rating System plugin 2.3 for WordPress has Directory Traversal in the wp-admin/admin.php panel parameter for the
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-syste
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-syste
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-syste
The GD Rating System plugin 2.3 for WordPress has XSS via the wp-admin/admin.php panel parameter for the gd-rating-syste
Blind SQL injection in the GD Rating System WordPress plugin (versions up to and including 3.7) allows authenticated att
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Milan Petrovic GD
Same weakness CWE-89 – SQL Injection
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36815
GHSA-3cvj-x7f9-wmv2