Lucene search
+L

1351 matches found

CVE
CVE
added 2026/07/06 5:31 p.m.22 views

CVE-2026-12154

The CVE concerns the WordPress plugin Reviews Widgets for Google, Yelp & TripAdvisor (fb-reviews-widget)

6.4CVSS6AI score0.00193EPSS
Exploits0References5
Patchstack
Patchstack
added 2026/07/02 12:0 p.m.5 views

WordPress Reviews Widgets for Google, TripAdvisor, Yelp & Recommendations plugin <= 2.7.3 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Ilkeggs in WordPress Plugin Trust.Reviews versions = 2.7.3...

6.4CVSS5.9AI score0.00193EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2026/06/26 3:16 p.m.6 views

CVE-2026-57318

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS0.00355EPSS
Exploits0References1
NVD
NVD
added 2026/06/26 3:16 p.m.8 views

CVE-2026-56043

Unauthenticated Cross Site Scripting XSS in Customer Reviews for WooCommerce = 5.110.1 versions...

7.1CVSS0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.12 views

CVE-2026-57318

Affected software : WordPress Site Reviews plugin (

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.5 views

EUVD-2026-39731

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.35 views

CVE-2026-57318 WordPress Site Reviews plugin <= 8.0.11 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.32 views

CVE-2026-56043 WordPress Customer Reviews for WooCommerce plugin <= 5.110.1 - Cross Site Scripting (XSS) vulnerability

Unauthenticated Cross Site Scripting XSS in Customer Reviews for WooCommerce = 5.110.1 versions...

7.1CVSS0.0018EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.4 views

EUVD-2026-39704

Unauthenticated Cross Site Scripting XSS in Customer Reviews for WooCommerce = 5.110.1 versions...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.9 views

CVE-2026-56043

CVE-2026-56043 is an unauthenticated Cross Site Scripting (XSS) vulnerability affecting the WordPress plugin Customer Reviews for WooCommerce up to version 5.110.1 . The issue is in the handling of user-provided input in customer reviews, enabling arbitrary script execution in the context of othe...

7.1CVSS5.8AI score0.0018EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/06/24 3:10 p.m.6 views

WordPress Customer Reviews for WooCommerce plugin <= 5.110.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by daroo in WordPress Plugin Customer Reviews for WooCommerce versions = 5.110.1...

7.1CVSS5.8AI score0.0018EPSS
Exploits0Affected Software1
NVD
NVD
added 2026/06/24 7:16 a.m.11 views

CVE-2026-9619

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS0.00307EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/24 5:33 a.m.38 views

CVE-2026-9619 Reviews and Rating <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification via sync_reviews AJAX Action

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS0.00307EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/24 5:33 a.m.11 views

EUVD-2026-38666

The Reviews and Rating – Docplanner plugin for WordPress is vulnerable to authorization bypass in all versions up to, and including, 1.1.4. This is due to the plugin not properly verifying that a user is authorized to perform an action. This makes it possible for authenticated attackers, with...

4.3CVSS5.7AI score0.00307EPSS
Exploits0References6
CVE
CVE
added 2026/06/24 5:33 a.m.14 views

CVE-2026-9619

CVE-2026-9619 affects the Reviews and Rating – Docplanner WordPress plugin, vulnerable in all versions up to 1.1.4 due to insufficient authorization checks for an action (sync_reviews AJAX). This allows authenticated users with subscriber-level access and above to trigger outbound scraping, write...

4.3CVSS5.7AI score0.00307EPSS
Exploits0References6
Patchstack
Patchstack
added 2026/06/23 4:40 p.m.6 views

WordPress Reviews and Rating – Docplanner plugin <= 1.1.4 - Missing Authorization to Authenticated (Subscriber+) Arbitrary Modification vulnerability

Missing Authorization to Authenticated Subscriber+ Arbitrary Modification vulnerability discovered by Benedictus Jovan aillesiM in WordPress Plugin Reviews and Rating – Docplanner versions = 1.1.4...

4.3CVSS5.8AI score0.00307EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2026/06/16 6:49 a.m.12 views

EUVD-2026-37040

The WP Review Slider Pro plugin for WordPress is vulnerable to SQL Injection via the 'curselrevs' parameter of the wpfbfindreviews AJAX action in versions up to, and including, 12.6.8. This is due to the handler reading $POST'curselrevs' raw with no sanitization or type casting, then concatenatin...

8.8CVSS5.8AI score0.00347EPSS
Exploits0References2
OSV
OSV
added 2026/06/11 8:7 p.m.3 views

CVE-2026-53810 OpenClaw < 2026.5.18 - Arbitrary Code Execution via Unscanned Marketplace Runtime Extension Metadata

OpenClaw before 2026.5.18 contains a code execution vulnerability where marketplace runtime extension metadata can redirect loading toward unscanned package payloads. Attackers with trusted operator access can manipulate extension metadata to load plugin code outside reviewed package entry points...

7.7CVSS6.4AI score0.00419EPSS
Exploits0References5
Circl
Circl
added 2026/06/09 3:44 p.m.16 views

CVE-2026-45598

creationtimestamp| type| source ---|---|--- 2026-06-09 15:44:28+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...

7CVSS5.3AI score0.00179EPSS
Exploits0References2
Circl
Circl
added 2026/06/09 3:44 p.m.14 views

CVE-2026-44805

creationtimestamp| type| source ---|---|--- 2026-06-09 15:44:28+00:00| seen| https://advisories.ncsc.nl/advisory?id=NCSC-2026-0181 2026-06-09 16:12:18+00:00| seen| https://www.thezdi.com/blog/2026/6/9/the-june-2026-security-update-review...

5.5CVSS5.3AI score0.00356EPSS
Exploits0References2
Rows per page
Query Builder