Lucene search
K

85 matches found

Patchstack
Patchstack
added 2026/06/08 3:4 p.m.11 views

WordPress Helpfulcrowd Product Reviews plugin <= 1.2.9 - Inccorect Authorization vulnerability

Inccorect Authorization vulnerability discovered by Legion Hunter in WordPress Plugin Helpfulcrowd Product Reviews versions = 1.2.9...

5.3CVSS5.4AI score0.00273EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2026/03/23 5:29 a.m.14 views

CVE-2025-10679

The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More WordPress plugin (up to v2.2.12) is vulnerable due to insufficient input validation in the bulkTenReviews function, allowing user-controlled data to be passed to a variable function call ...

7.3CVSS6.6AI score0.00447EPSS
Exploits0References5
RedhatCVE
RedhatCVE
added 2026/02/28 7:45 p.m.6 views

CVE-2019-25495

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviewsid parameter. Attackers can send GET requests to productreviewswrite.php with malicious reviewsid values using boolean-based SQL...

8.8CVSS6AI score0.00327EPSS
Exploits1References1
EUVD
EUVD
added 2026/02/27 6:31 p.m.6 views

EUVD-2019-19721

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviewsid parameter. Attackers can send GET requests to productreviewswrite.php with malicious reviewsid values using boolean-based SQL...

8.8CVSS6AI score0.00327EPSS
Exploits1References4
NVD
NVD
added 2026/02/27 6:16 p.m.5 views

CVE-2019-25495

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviewsid parameter. Attackers can send GET requests to productreviewswrite.php with malicious reviewsid values using boolean-based SQL...

8.8CVSS0.00327EPSS
Exploits1References3
OSV
OSV
added 2026/02/27 6:16 p.m.6 views

CVE-2019-25495

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviewsid parameter. Attackers can send GET requests to productreviewswrite.php with malicious reviewsid values using boolean-based SQL...

7.5CVSS5.9AI score
Exploits0References3
Cvelist
Cvelist
added 2026/02/27 5:23 p.m.21 views

CVE-2019-25495 osCommerce 2.3.4.1 SQL Injection via reviews_id Parameter

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviewsid parameter. Attackers can send GET requests to productreviewswrite.php with malicious reviewsid values using boolean-based SQL...

8.8CVSS0.00327EPSS
Exploits1References3
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.9 views

PT-2026-22363

osCommerce 2.3.4.1 contains a SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the reviews id parameter. Attackers can send GET requests to product reviews write.php with malicious reviews id values using boolean-based...

8.8CVSS6AI score0.00327EPSS
Exploits1References4
NVD
NVD
added 2026/02/19 9:16 a.m.6 views

CVE-2026-25318

Missing Authorization vulnerability in Wisernotify team WiserReview Product Reviews for WooCommerce wiser-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserReview Product Reviews for WooCommerce: from n/a through = 2.9...

4.3CVSS0.00235EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/19 8:26 a.m.33 views

CVE-2026-25318 WordPress WiserReview Product Reviews for WooCommerce plugin <= 2.9 - Broken Access Control vulnerability

Missing Authorization vulnerability in Wisernotify team WiserReview Product Reviews for WooCommerce wiser-review allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects WiserReview Product Reviews for WooCommerce: from n/a through = 2.9...

4.3CVSS0.00235EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/26 1:23 p.m.6 views

WordPress WiserReview Product Reviews for WooCommerce plugin <= 2.9 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin WiserReview Product Reviews for WooCommerce versions = 2.9...

4.3CVSS5.4AI score0.00235EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/01/23 3:16 p.m.5 views

CVE-2026-24562

Missing Authorization vulnerability in Ryviu Ryviu – Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu – Product Reviews for WooCommerce: from n/a through = 3.1.26...

5.3CVSS0.00272EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/23 2:28 p.m.4 views

CVE-2026-24562 WordPress Ryviu – Product Reviews for WooCommerce plugin <= 3.1.26 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ryviu Ryviu Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu Product Reviews for WooCommerce: from n/a through = 3.1.26...

5.3CVSS5.4AI score0.00272EPSS
Exploits0References1
CVE
CVE
added 2026/01/23 2:28 p.m.14 views

CVE-2026-24562

CVE-2026-24562 : A Missing/Broken Access Control vulnerability in the Ryviu – Product Reviews for WooCommerce WordPress plugin (versions up to and including 3.1.26) allows access level misconfigurations. The NVD entry lists CVSSv3.1 base score 5.3 (Network, Low attack complexity, No privileges re...

5.3CVSS5.1AI score0.00272EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/23 2:28 p.m.35 views

CVE-2026-24562 WordPress Ryviu – Product Reviews for WooCommerce plugin <= 3.1.26 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ryviu Ryviu – Product Reviews for WooCommerce ryviu allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Ryviu – Product Reviews for WooCommerce: from n/a through = 3.1.26...

5.3CVSS0.00272EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/23 12:0 a.m.7 views

PT-2026-4404

Name of the Vulnerable Software and Affected Versions Ryviu – Product Reviews for WooCommerce versions through 3.1.26 Description Ryviu – Product Reviews for WooCommerce contains a flaw related to incorrectly configured access control security levels, potentially allowing unauthorized access...

5.3CVSS5.2AI score0.00272EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/01/22 3:48 a.m.8 views

WordPress Ryviu – Product Reviews for WooCommerce plugin <= 3.1.26 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Legion Hunter in WordPress Plugin Ryviu Product Reviews for WooCommerce versions = 3.1.26...

5.3CVSS5.3AI score0.00272EPSS
Exploits0Affected Software1
Snyk
Snyk
added 2025/11/24 4:24 p.m.1 views

Embedded Malicious Code

Overview Affected versions of this package are vulnerable to Embedded Malicious Code. This package contains malicious code associated with the Sha1-hulud supply chain attack, and its content was removed from the official package manager. The malware functions as a self-replicating worm capable of...

9.8CVSS6.8AI score
Exploits0References3
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/11/24 2:15 p.m.5 views

Malicious code in medusa-plugin-product-reviews-kvy (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0d400830b8f3bd9546ee8f7f68bfb8028db23280c0f6a1c4f494e4eebf65df6f The package medusa-plugin-product-reviews-kvy was found to contain malicious code. Source: ghsa-malware...

6.9AI score
Exploits0References4
EUVD
EUVD
added 2025/11/24 2:15 p.m.2 views

EUVD-2025-198730

Malicious code in medusa-plugin-product-reviews-kvy npm...

6.6AI score
Exploits0References1
Rows per page
Query Builder