| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2022-40194 | WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure vulnerability | CusRev | Customer Reviews for WooCommerce (WordPress plugin) | Medium | 5.3 | 2022-09-23 15:05:35 | Deep Dive |
| CVE-2022-2555 | Yotpo Reviews for WooCommerce <= 2.0.4 - Arbitrary Settings Update via CSRF | Unknown | Yotpo Reviews for WooCommerce (Unofficial) | 中危 | - | 2022-08-22 15:04:12 | Deep Dive |
| CVE-2021-36861 | WordPress Rich Reviews by Starfish plugin <= 1.9.14 - Cross-Site Request Forgery (CSRF) vulnerability | Starfish Reviews | Rich Reviews by Starfish (WordPress plugin) | Medium | 5.4 | 2022-08-05 15:08:36 | Deep Dive |
| CVE-2022-2108 | Wbcom Designs – BuddyPress Group Reviews <= 2.8.3 - Unauthorized AJAX Actions due to Nonce Bypass | wbcomdesigns | Wbcom Designs – BuddyPress Group Reviews | Medium | 6.5 | 2022-07-18 16:12:54 | Deep Dive |
| CVE-2022-1772 | Google Places Review < 2.0.0 - Admin+ Stored Cross Site Scripting | Unknown | Google Places Reviews | 中危 | - | 2022-06-13 12:42:45 | Deep Dive |
| CVE-2021-24867 | Backdoored Plugins & Themes from AccessPress Themes | AccessPress Themes | Frontend Post WordPress Plugin – AccessPress Anonymous Post | 超危 | - | 2022-02-21 10:45:39 | Deep Dive |
| CVE-2021-24973 | Site Reviews < 5.17.3 - Unauthenticated Stored Cross-Site Scripting | Unknown | Site Reviews | 中危 | - | 2022-01-03 12:49:09 | Deep Dive |
| CVE-2021-24753 | Rich Reviews by Starfish < 1.9.6 - Admin+ SQL Injection | Unknown | Rich Reviews by Starfish | 高危 | - | 2021-12-27 10:33:18 | Deep Dive |
| CVE-2021-24894 | Reviews Plus < 1.2.14 - Subscriber+ Reviews DoS | Unknown | Reviews Plus | 中危 | - | 2021-11-23 19:16:24 | Deep Dive |
| CVE-2021-24603 | Site Reviews < 5.13.1 - Authenticated Stored XSS | Unknown | Site Reviews | 中危 | - | 2021-09-06 11:09:33 | Deep Dive |
| CVE-2021-24492 | Handsome Testimonials & Reviews < 2.1.1 - Authenticated (Subscriber+) SQL Injection | Unknown | Handsome Testimonials & Reviews | 高危 | - | 2021-08-02 10:32:26 | Deep Dive |
| CVE-2021-24296 | WP Customer Reviews < 3.5.6 - Authenticated Stored Cross-Site Scripting (XSS) | Go Web Solutions | WP Customer Reviews | 中危 | - | 2021-05-24 10:58:04 | Deep Dive |
| CVE-2021-24135 | WP Customer Reviews < 3.4.3 - Multiple Unauthenticated and Low Priv Authenticated Stored XSS | Unknown | WP Customer Reviews | 中危 | - | 2021-03-18 14:57:49 | Deep Dive |
| CVE-2018-0603 | WordPress Site Reviews 跨站脚本漏洞 | Gemini Labs | Site Reviews | 中危 | - | 2018-06-26 14:00:00 | Deep Dive |