134 matches found
WordPress Embedder for Google Reviews plugin <= 1.6.6 - Unauthenticated Reflected Cross-Site Scripting vulnerability
Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin Embedder for Google Reviews versions = 1.6.6...
CVE-2026-32360
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through = 6.9.4.3...
CVE-2025-10731 ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the allReminderSettings function. This makes it possible for...
EUVD-2026-11850
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through = 6.9.4.3...
CVE-2026-32360
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through = 6.9.4.3...
CVE-2026-32360 WordPress Rich Showcase for Google Reviews plugin <= 6.9.4.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through = 6.9.4.3...
CVE-2026-32360
CVE-2026-32360 affects the WordPress Rich Showcase for Google Reviews plugin (widget-google-reviews) up to version 6.9.4.3. Root cause: improper neutralization of input during web page generation, enabling a Stored XSS vulnerability. Affected scope is described as Rich Showcase for Google Reviews...
CVE-2026-32360
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through = 6.9.4.3...
CVE-2026-32360 WordPress Rich Showcase for Google Reviews plugin <= 6.9.4.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through = 6.9.4.3...
PT-2026-25207
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in richplugins Rich Showcase for Google Reviews widget-google-reviews allows Stored XSS.This issue affects Rich Showcase for Google Reviews: from n/a through = 6.9.4.3...
WordPress plugin Rich Showcase for Google Reviews 跨站脚本漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...
WordPress Widget for Google Reviews plugin <= 1.0.15 - Authenticated (Subscriber+) Directory Traversal to Local File Inclusion vulnerability
Authenticated Subscriber+ Directory Traversal to Local File Inclusion vulnerability discovered by mikemyers in WordPress Plugin Widget for Google Reviews versions = 1.0.15...
WordPress Widgets For Google Reviews Cross-Site Scripting Vulnerability
WordPress Widgets For Google Reviews is a category of WordPress plugins designed to help webmasters easily display Google Business Reviews Google reviews on their websites. WordPress Widgets For Google Reviews suffers from a cross-site scripting vulnerability that stems from stored cross-site...
CVE-2025-9436
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's trustindex shortcode in all versions up to, and including, 13.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-9436 Widgets for Google Reviews <= 13.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trustindex Shortcode
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's trustindex shortcode in all versions up to, and including, 13.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2025-9436
CVE-2025-9436 affects the WordPress plugin “Widgets for Google Reviews” (trustindex shortcode). All versions up to 13.2.1 are vulnerable to Stored Cross-Site Scripting due to insufficient input sanitization and output escaping on user-supplied attributes. Exploitation requires authenticated acces...
CVE-2025-9436 Widgets for Google Reviews <= 13.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trustindex Shortcode
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's trustindex shortcode in all versions up to, and including, 13.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
EUVD-2025-202662
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's trustindex shortcode in all versions up to, and including, 13.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
WordPress Widgets for Google Reviews plugin <= 13.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trustindex Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via trustindex Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Widgets for Google Reviews versions = 13.2.1...
PT-2025-50575
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's trustindex shortcode in all versions up to, and including, 13.2.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...