8 matches found
CVE-2025-14070
The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sendtestemail' AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2025-14070
The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sendtestemail' AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2025-14070 Reviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation
The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sendtestemail' AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2025-14070 Reviewify <= 1.0.7 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation
The Reviewify plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the 'sendtestemail' AJAX action in all versions up to, and including, 1.0.7. This makes it possible for authenticated attackers, with Contributor-level access and above, to...
CVE-2025-14070
CVE-2025-14070 – Reviewify (Review Discounts & Photo/Video Reviews for WooCommerce) : The WordPress Reviewify plugin versions up to 1.0.6 are vulnerable due to a missing capability check on the send_test_email AJAX action. This allows authenticated attackers with Contributor-level access or highe...
WordPress plugin Reviewify 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security...
PT-2026-1617
Name of the Vulnerable Software and Affected Versions Reviewify plugin for WordPress versions through 1.0.6 Description The Reviewify plugin for WordPress has a flaw that allows unauthorized modification of data. This is due to a missing capability check on the 'send test email' AJAX action...
WordPress Reviewify plugin <= 1.0.6 - Missing Authorization to Authenticated (Contributor+) Arbitrary WooCommerce Coupon Creation vulnerability
Missing Authorization to Authenticated Contributor+ Arbitrary WooCommerce Coupon Creation vulnerability discovered by Itthidej Aramsri Boeing777 in WordPress Plugin Reviewify versions = 1.0.6...