3 matches found
WordPress Reviews Widgets for Google, TripAdvisor, Yelp & Recommendations plugin <= 2.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ilkeggs in WordPress Plugin Trust.Reviews versions = 2.7.3...
CVE-2025-30633 WordPress Amazon Native Shopping Recommendations Plugin <= 1.3 - SQL Injection Vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in AA-Team Amazon Native Shopping Recommendations allows SQL Injection.This issue affects Amazon Native Shopping Recommendations: from n/a through 1.3...
CVE-2025-12705 Social Reviews & Recommendations <= 2.5 - Unauthenticated Stored Cross-Site Scripting via Social Media Reviews
The Social Reviews & Recommendations plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters in the 'trimtext' function in all versions up to, and including, 2.5 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...