Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

Customer Reviews for WooCommerce — Vulnerabilities & Security Advisories 15

All 15 CVE vulnerabilities found in Customer Reviews for WooCommerce, with AI-generated Chinese analysis, references, and POCs.

Vendor: Unknown

CVE IDTitleCVSSSeverityPublished
CVE-2026-3355 Customer Reviews for WooCommerce <= 5.101.0 - Reflected Cross-Site Scripting via 'crsearch' CWE-79 6.1 Medium2026-04-16
CVE-2026-4664 Customer Reviews for WooCommerce <= 5.103.0 - Unauthenticated Authentication Bypass to Arbitrary Review Submission via 'key' Parameter CWE-287 5.3 Medium2026-04-10
CVE-2026-1316 Customer Reviews for WooCommerce <= 5.97.0 - Unauthenticated Stored Cross-Site Scripting via media[].href Parameter CWE-79 7.2 High2026-02-12
CVE-2025-14891 Customer Reviews for WooCommerce <= 5.93.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via displayName Parameter CWE-79 6.4 Medium2026-01-07
CVE-2025-5720 Customer Reviews for WooCommerce <= 5.80.2 - Unauthenticated Stored Cross-Site Scripting via `author` Parameter CWE-79 6.4 Medium2025-07-31
CVE-2023-45101 WordPress Customer Reviews for WooCommerce plugin <= 5.36.0 - Broken Access Control vulnerability CWE-862 7.1 -2025-01-02
CVE-2024-10614 Customer Reviews for WooCommerce <= 5.61.0 - Missing Authorization to Authenticated (Subscriber+) Import Cancellation CWE-862 4.3 Medium2024-11-16
CVE-2024-3731 Customer Reviews for WooCommerce <= 5.47.0 - Reflected Cross-Site Scripting via 's' CWE-79 6.1 Medium2024-04-19
CVE-2024-3243 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Email Sending CWE-862 4.3 Medium2024-04-16
CVE-2024-3869 Customer Reviews for WooCommerce <= 5.46.0 - Missing Authorization to Authenticated (Subscriber+) Coupon Search CWE-862 4.3 Medium2024-04-16
CVE-2023-51692 WordPress Customer Reviews for WooCommerce Plugin <= 5.38.1 is vulnerable to Broken Access Control CWE-862 4.3 Medium2024-02-28
CVE-2024-1044 Customer Reviews for WooCommerce <= 5.38.10 - Improper Authorization via submit_review CWE-284 5.3 Medium2024-02-20
CVE-2023-0079 Customer Reviews for WooCommerce < 5.17.0 - Contributor+ Stored XSS 5.4AIMediumAI2024-01-16
CVE-2023-6979 Customer Reviews for WooCommerce <= 5.38.9 - Authenticated (Author+) Arbitrary File Upload CWE-434 8.8 High2024-01-11
CVE-2023-0080 Customer Reviews for WooCommerce < 5.16.0 - Contributor+ LFI 8.8 -2023-02-13

All 15 known CVE vulnerabilities affecting Customer Reviews for WooCommerce with full Chinese analysis, references, and POCs where available.