4 matches found
CVE-2025-12510
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 13.2.4 due to insufficient input sanitization and output escaping on Google Reviews data imported by the plugin. This makes it possible for unauthenticated...
EUVD-2025-201510
The Widgets for Google Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 13.2.4 due to insufficient input sanitization and output escaping on Google Reviews data imported by the plugin. This makes it possible for unauthenticated...
CVE-2025-12510
The CVE 2025-12510 entry concerns the WordPress plugin Widgets for Google Reviews (aka Widgets for Google Reviews) vulnerable to unauthenticated stored XSS via Google Reviews data. Affected versions are up to and including 13.2.4; the root cause is insufficient input sanitization and output escap...
PT-2025-49325
Name of the Vulnerable Software and Affected Versions Widgets for Google Reviews versions prior to 13.2.5 Description The Widgets for Google Reviews plugin for WordPress is susceptible to Stored Cross-Site Scripting due to inadequate input sanitization and output escaping when handling Google...