13 matches found
CVE-2025-12123
The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
EUVD-2025-199793
The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-12123
The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-12123 Customer Reviews Collector for WooCommerce <= 4.6.1 - Reflected Cross-Site Scripting
The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-12123 Customer Reviews Collector for WooCommerce <= 4.6.1 - Reflected Cross-Site Scripting
The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
CVE-2025-12123
CVE-2025-12123 concerns the WordPress plugin Customer Reviews Collector for WooCommerce . Multiple sources confirm a reflected Cross-Site Scripting vulnerability in versions up to 4.6.1, caused by insufficient input sanitization and output escaping of the email-text parameter. The impact allows u...
PT-2025-48234
The Customer Reviews Collector for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'email-text' parameter in all versions up to, and including, 4.6.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated...
WordPress plugin Customer Reviews Collector for WooCommerce 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
Shopkit Cross-Site Scripting Vulnerability
Shopkit is an open source Kirby Cms version 2 integrated commerce solution from the Canadian personal developer Sam Nabi.Shopkit version 2.7 contains a cross-site scripting vulnerability that could be exploited by attackers to hijack user credentials via a carefully crafted payload in an email te...
Threat Outbreak Alert RuleID22925: Email Messages Distributing Malicious Software on July 11, 2016
Medium Alert ID: 46256 First Published: 2016 May 18 15:51 GMT Last Updated: 2016 July 11 19:45 GMT Version: 2 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID22925 and...
Threat Outbreak Alert RuleID15087: Email Messages Distributing Malicious Software on October 12, 2015
Medium Alert ID: 38679 First Published: 2015 May 6 12:48 GMT Last Updated: 2015 October 14 11:33 GMT Version: 18 Summary Cisco Security has detected significant activity related to spam email messages distributing malicious software. Email messages that are related to this threat RuleID15087 and...
CVE-2007-6706
Unspecified vulnerability in nlnotes.dll in the client in IBM Lotus Notes 6.5, 7.0.x before 7.0.2 CCH or 7.0.3, and possibly 8.0 allows remote attackers to execute arbitrary code via crafted text in an e-mail message sent over SMTP...
Security update 1970-01-01
...