3 matches found
CVE-2025-5720
The CVE-2025-5720 entry concerns the WordPress plugin “Customer Reviews for WooCommerce.” It is an unauthenticated stored XSS via the author parameter in all versions up to 5.80.2. The vulnerability arises from insufficient input sanitization and output escaping, allowing an attacker to inject ar...
CVE-2025-5720 Customer Reviews for WooCommerce <= 5.80.2 - Unauthenticated Stored Cross-Site Scripting via `author` Parameter
The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘author’ parameter in all versions up to, and including, 5.80.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...
WordPress Customer Reviews for WooCommerce plugin <= 5.80.2 - Unauthenticated Stored Cross-Site Scripting via `author` Parameter vulnerability
Unauthenticated Stored Cross-Site Scripting via author Parameter vulnerability discovered by zer0gh0st in WordPress Plugin Customer Reviews for WooCommerce versions = 5.80.2...