PatchSiren

Milan Petrovic CVE debriefs

These pages are published after PatchSiren validates generated defensive summaries against stored public CVE and source evidence.

HIGH Milan Petrovic CVE published 2026-07-13

CVE-2026-57771

A SQL injection vulnerability was discovered in the GD Rating System, a WordPress plugin. The issue, tracked as CVE-2026-57771, allows for blind SQL injection. The vulnerability has a CVSS score of 8.5 and is considered high severity. This issue affects GD Rating System from n/a through <= 3.7. Administrators and users should be aware of this vulnerability and take steps to mitigate it.

HIGH Milan Petrovic CVE published 2026-07-13

CVE-2026-57403

A Cross-site Scripting vulnerability was found in the GD Security Headers plugin. This issue allows for Reflected XSS and affects versions up to and including 1.8. The vulnerability is classified as a Cross-site Scripting (XSS) issue due to improper neutralization of input during web page generation. Users of the GD Security Headers plugin, especially those with versions up to and including 1.8, should be [truncated]