Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee
Vulnerability List
Clear Filters
Found 134 results
CVE IDTitleVendorProductSeverityCVSS ScorePublished AtAI Analysis
CVE-2024-6480 SIP Reviews Shortcode for WooCommerce <= 1.2.3 - Authenticated (Contributor+) Cross-Site Scripting shopitpressSIP Reviews Shortcode for WooCommerce Medium 6.4 2024-10-31 21:30:38 Deep Dive
CVE-2019-25216 Rich Reviews <= 1.7.4 - Stored Cross-Site Scripting starfishwpRich Reviews by Starfish High 7.2 2024-10-16 06:43:44 Deep Dive
CVE-2022-4974 Freemius SDK <= 2.4.2 - Missing Authorization Checks dashlabsltdYASR – Yet Another Star Rating Plugin for WordPress Medium 6.3 2024-10-16 06:43:30 Deep Dive
CVE-2024-8989 Stars Testimonials <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via stars_testimonials Shortcode premioStars Testimonials — Responsive Reviews & Star Ratings Medium 6.4 2024-10-01 07:30:15 Deep Dive
CVE-2024-8965 Absolute Reviews <= 1.1.3 - Authenticated (Contributor+) Stored DOM-Based Cross-Site Scripting via Criteria Name Code Supply Co.Absolute Reviews Medium 6.4 2024-09-27 05:31:02 Deep Dive
CVE-2024-8277 WooCommerce Photo Reviews Premium <= 1.3.13.2 - Authentication Bypass to Account Takeover and Privilege Escalation villathemeWooCommerce Photo Reviews Premium Critical 9.8 2024-09-11 08:31:05 Deep Dive
CVE-2024-8199 Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More <= 1.1.2 - Missing Authorization to Authenticated (Subscriber+) Limited Settings Update smubReviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More Medium 4.3 2024-08-27 15:32:32 Deep Dive
CVE-2024-8200 Reviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More <= 1.1.2 - Cross-Site Request Forgery smubReviews Feed – Add Testimonials and Customer Reviews From Google Reviews, Yelp, TripAdvisor, and More Medium 4.3 2024-08-27 15:32:32 Deep Dive
CVE-2024-7134 LiquidPoll <= 3.3.78 - Unauthenticated Stored Cross-Site Scripting via form_data Parameter liquidpollLiquidPoll – Polls, Surveys, NPS and Feedback Reviews High 7.2 2024-08-21 05:30:20 Deep Dive
CVE-2024-38677 WordPress REVIEWS.io plugin <= 1.2.7 - Cross Site Scripting (XSS) vulnerability Reviews.co.ukREVIEWS.io Medium 6.5 2024-07-20 07:50:33 Deep Dive
CVE-2024-37544 WordPress Get Better Reviews for WooCommerce plugin <= 4.0.6 - Broken Access Control vulnerability Saleswonder Team: TobiasGet Better Reviews for WooCommerce Medium 4.3 2024-07-12 13:26:07 Deep Dive
CVE-2024-3984 EmbedSocial – Social Media Feeds, Reviews and Galleries <= 1.1.29 - Authenticated (Contributor+) Stored Cross-Site Scripting embedsocialEmbedSocial – Social Media Feeds, Reviews and Galleries Medium 6.4 2024-06-19 03:12:31 Deep Dive
CVE-2024-34763 WordPress Builder for WooCommerce reviews shortcodes – ReviewShort plugin <= 1.01.5 - Broken Access Control vulnerability Saleswonder Team: TobiasBuilder for WooCommerce reviews shortcodes – ReviewShort Medium 5.3 2024-06-11 16:57:38 Deep Dive
CVE-2024-3050 Site Reviews < 7.0.0 - IP Spoofing UnknownSite Reviews--2024-05-29 06:00:02 Deep Dive
CVE-2024-5218 Reviews and Rating – Google Reviews <= 5.2 - Authenticated (Author+) Stored Cross-Site Scripting designextremeReviews and Rating – Google Reviews Medium 6.4 2024-05-25 03:30:48 Deep Dive
CVE-2024-3609 ReviewX – Multi-criteria Rating & Reviews for WooCommerce <= 1.6.27 - Missing Authorization reviewxReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema Medium 4.3 2024-05-16 20:31:05 Deep Dive
CVE-2024-33648 WordPress Recencio Book Reviews plugin <= 1.66.0 - Cross Site Scripting (XSS) vulnerability Kemory GrubbRecencio Book Reviews Medium 6.5 2024-04-29 04:54:32 Deep Dive
CVE-2024-32822 WordPress Reviews Plus plugin <= 1.3.4 - Broken Access Control vulnerability impleCodeReviews Plus Medium 4.3 2024-04-26 11:21:34 Deep Dive
CVE-2024-3731 Customer Reviews for WooCommerce <= 5.47.0 - Reflected Cross-Site Scripting via 's' ivoleCustomer Reviews for WooCommerce Medium 6.1 2024-04-19 02:34:44 Deep Dive
CVE-2024-3243 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending ivoleCustomer Reviews for WooCommerce Medium 4.3 2024-04-16 12:51:47 Deep Dive