43 matches found
CVE-2026-3355
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘crsearch’ parameter in all versions up to, and including, 5.101.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
WordPress Customer Reviews for WooCommerce plugin <= 5.101.0 - Reflected Cross-Site Scripting via 'crsearch' vulnerability
Reflected Cross-Site Scripting via 'crsearch' vulnerability discovered by WordFence in WordPress Plugin Customer Reviews for WooCommerce versions = 5.101.0...
CVE-2026-3355
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘crsearch’ parameter in all versions up to, and including, 5.101.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2026-3355 Customer Reviews for WooCommerce <= 5.101.0 - Reflected Cross-Site Scripting via 'crsearch'
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘crsearch’ parameter in all versions up to, and including, 5.101.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
CVE-2026-3355
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘crsearch’ parameter in all versions up to, and including, 5.101.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to...
EUVD-2026-21264
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 5.103.0. This is due to the createreviewpermissionscheck function comparing the user-supplied key parameter against the order's ivolesecretkey meta value using...
CVE-2025-10734
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated...
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin <= 2.2.12 - Unauthenticated Limited Remote Code Execution vulnerability
WordPress ReviewX - WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin = 2.2.12 - Unauthenticated Limited Remote Code Execution vulnerability discovered by abrahack in WordPress Plugin ReviewX versions = 2.2.12...
EUVD-2025-208928
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated...
CVE-2025-10679
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to arbitrary method calls in all versions up to, and including, 2.2.12. This is due to insufficient input validation in the bulkTenReviews function that...
CVE-2025-10734
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated...
CVE-2025-10734 ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Sensitive Information Exposure
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated...
CVE-2025-10731 ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More <= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the allReminderSettings function. This makes it possible for...
PT-2026-27045
Name of the Vulnerable Software and Affected Versions ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress versions through 2.2.10 Description The ReviewX plugin for WordPress is susceptible to unauthorized data access...
WordPress Customer Reviews for WooCommerce plugin <= 5.97.0 - Unauthenticated Stored Cross-Site Scripting via media[].href Parameter vulnerability
Unauthenticated Stored Cross-Site Scripting via media.href Parameter vulnerability discovered by type5afe in WordPress Plugin Customer Reviews for WooCommerce versions = 5.97.0...
CVE-2025-14891
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'displayName' parameter in all versions up to, and including, 5.93.1 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
WordPress Customer Reviews for WooCommerce plugin <= 5.93.1 - Authenticated (Subscriber+) Stored Cross-Site Scripting via displayName Parameter vulnerability
Authenticated Subscriber+ Stored Cross-Site Scripting via displayName Parameter vulnerability discovered by shark3y in WordPress Plugin Customer Reviews for WooCommerce versions = 5.93.1...
EUVD-2025-8392
Malicious code in bioql PyPI...
EUVD-2023-51752
Malicious code in bioql PyPI...
CVE-2023-47653
Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Abu Bakar TWB Woocommerce Reviews plugin = 1.7.5 versions...