| CVE-2025-39533 | WordPress Starfish Review Generation & Marketing plugin <= 3.1.19 - Privilege Escalation vulnerability | Starfish Reviews | Starfish Review Generation & Marketing | High | 8.8 | 2025-04-17 15:46:54 | Deep Dive |
| CVE-2025-39442 | WordPress Review Wave – Google Places Reviews plugin <= 1.4.7 - Cross Site Request Forgery (CSRF) vulnerability | MessageMetric | Review Wave – Google Places Reviews | High | 7.1 | 2025-04-17 15:16:50 | Deep Dive |
| CVE-2025-3063 | Shopper Approved Reviews 2.0 - 2.1 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Options Update | shopperapprovedapp | Shopper Approved Reviews | High | 8.8 | 2025-04-02 09:21:46 | Deep Dive |
| CVE-2025-31886 | WordPress Social proof testimonials and reviews by Repuso plugin <= 5.21 - Broken Access Control vulnerability | Repuso | Social proof testimonials and reviews by Repuso | Medium | 4.3 | 2025-04-01 14:52:19 | Deep Dive |
| CVE-2025-30883 | WordPress Trust.Reviews plugin <= 2.3 - Broken Access Control vulnerability | richplugins | Trust.Reviews | Medium | 4.3 | 2025-03-27 10:55:41 | Deep Dive |
| CVE-2025-30801 | WordPress TWB Woocommerce Reviews plugin <= 1.7.7 - Cross Site Request Forgery (CSRF) vulnerability | Abu Bakar | TWB Woocommerce Reviews | Medium | 4.3 | 2025-03-27 10:54:54 | Deep Dive |
| CVE-2025-1232 | Site Reviews < 7.2.5 - Unauthenticated Stored XSS | Unknown | Site Reviews | 高危 | - | 2025-03-19 06:00:02 | Deep Dive |
| CVE-2025-23739 | WordPress WP Ultimate Reviews FREE plugin <= 1.0.2 - Reflected Cross Site Scripting (XSS) vulnerability | jtibbles | WP Ultimate Reviews FREE | High | 7.1 | 2025-03-03 13:30:18 | Deep Dive |
| CVE-2024-13392 | Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings <= 1.6.3 - Authenticated (Contributor+) Stored Cross-Site Scripting | videowhisper | Rate Star Review Vote – AJAX Reviews, Votes, Star Ratings | Medium | 6.4 | 2025-01-18 07:11:24 | Deep Dive |
| CVE-2024-13351 | Social proof testimonials and reviews by Repuso <= 5.20 - Authenticated (Contributor+) Stored Cross-Site Scripting | neran | Reviews Widgets for Google & 45+ platforms by Repuso | High | 7.2 | 2025-01-15 09:25:56 | Deep Dive |
| CVE-2023-46196 | WordPress Social proof testimonials and reviews by Repuso plugin <= 4.97 - Broken Access Control vulnerability | Repuso | Social proof testimonials and reviews by Repuso | 中危 | - | 2025-01-02 12:00:12 | Deep Dive |
| CVE-2023-45101 | WordPress Customer Reviews for WooCommerce plugin <= 5.36.0 - Broken Access Control vulnerability | CusRev | Customer Reviews for WooCommerce | 中危 | - | 2025-01-02 11:59:49 | Deep Dive |
| CVE-2023-23986 | WordPress Reviews and Rating – Google My Business plugin <= 4.14 - Broken Access Control vulnerability | Noah Hearle | Reviews and Rating – Google My Business | Medium | 5.4 | 2024-12-09 11:31:42 | Deep Dive |
| CVE-2023-27625 | WordPress Site Reviews plugin <= 6.5.0 - Broken Access Control vulnerability | Gemini Labs | Site Reviews | Medium | 4.3 | 2024-12-09 11:31:22 | Deep Dive |
| CVE-2023-30479 | WordPress Stamped.io Product Reviews & UGC for WooCommerce plugin <= 2.3.2 - Broken Access Control vulnerability | Stamped.io | Stamped.io Product Reviews & UGC for WooCommerce | Medium | 5.3 | 2024-12-09 11:31:06 | Deep Dive |
| CVE-2023-49832 | WordPress Site Reviews plugin <= 6.10.2 - Broken Access Control vulnerability | Gemini Labs | Site Reviews | 中危 | - | 2024-12-09 11:30:08 | Deep Dive |
| CVE-2024-11429 | Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials <= 3.3.3 - Authenticated (Contributor+) Local File Inclusion | premio | Stars Testimonials — Responsive Reviews & Star Ratings | High | 8.8 | 2024-12-05 05:26:10 | Deep Dive |
| CVE-2024-10614 | Customer Reviews for WooCommerce <= 5.61.0 - Missing Authorization to Authenticated (Subscriber+) Import Cancellation | ivole | Customer Reviews for WooCommerce | Medium | 4.3 | 2024-11-16 05:39:34 | Deep Dive |
| CVE-2024-9356 | Yotpo: Product & Photo Reviews for WooCommerce <= 1.7.9 - Reflected Cross-Site Scripting | yotpo | Yotpo: Product & Photo Reviews for WooCommerce | Medium | 6.1 | 2024-11-15 05:30:56 | Deep Dive |
| CVE-2024-6479 | SIP Reviews Shortcode for WooCommerce <= 1.2.3 - Authenticated (Contributor+) SQL Injection | shopitpress | SIP Reviews Shortcode for WooCommerce | Medium | 6.5 | 2024-10-31 21:30:39 | Deep Dive |