WordPress Site Reviews Plugin < 7.0.0 is vulnerable to Bypass Vulnerability

Software Site Reviews Type Plugin Vulnerable versions 7.0.0 Fixed in 7.0.0 OWASP Top 10 A4: Insecure Design Classification Bypass Vulnerability CVE CVE-2024-3050 Patch priority Low CVSS severity Low 5.3 Developer Gemini Labs PSID f2c354c46a11 Credits Sławomir Zakrzewski Maksymilian Kubiak AFINE...

WordPress Site Reviews Plugin <= 6.11.6 is vulnerable to Cross Site Scripting (XSS)

Software Site Reviews Type Plugin Vulnerable versions = 6.11.6 Fixed in 6.11.7 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-29095 Patch priority Low CVSS severity Low 5.9 Developer Gemini Labs PSID ea55e6cb50a9 Credits isacaya Required privilege Author Published...

WordPress Site Reviews Plugin <= 6.11.4 is vulnerable to Cross Site Scripting (XSS)

Software Site Reviews Type Plugin Vulnerable versions = 6.11.4 Fixed in 6.11.7 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-2293 Patch priority Low CVSS severity Low 6.5 Developer Gemini Labs PSID 905ece02271d Credits stealthcopter Required...

WordPress Site Reviews Plugin <= 6.10.2 is vulnerable to Broken Access Control

Software Site Reviews Type Plugin Vulnerable versions = 6.10.2 Fixed in 6.10.3 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2023-49832 Patch priority Low CVSS severity Low 5.3 Developer Gemini Labs PSID b68ded6b9874 Credits Revan Arifio Required privilege...

WordPress Site Reviews Plugin < 6.7.1 is vulnerable to Cross Site Scripting (XSS)

Software Site Reviews Type Plugin Vulnerable versions 6.7.1 Fixed in 6.7.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1525 Patch priority Low CVSS severity Low 5.9 Developer Gemini Labs PSID 152640d57067 Credits Shreya Pohekar Required privilege...

WordPress Site Reviews Plugin <= 6.5.0 is vulnerable to Broken Access Control

Software Site Reviews Type Plugin Vulnerable versions = 6.5.0 Fixed in 6.6.0 OWASP Top 10 A5: Broken Access Control Classification Broken Access Control CVE CVE-2023-27625 Patch priority Low CVSS severity Low 4.3 Developer Gemini Labs PSID d9f4b2bf1ed3 Credits Rafshanzani Suhada Required privileg...

WordPress Site Reviews Plugin <= 6.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Site Reviews Type Plugin Vulnerable versions = 6.5.1 Fixed in 6.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27612 Patch priority Low CVSS severity Low 6.5 Developer Gemini Labs PSID 795688817308 Credits Rafshanzani Suhada Required...

WordPress Site Reviews Plugin <= 6.5.1 is vulnerable to Cross Site Scripting (XSS)

Software Site Reviews Type Plugin Vulnerable versions = 6.5.1 Fixed in 6.6.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-27629 Patch priority Low CVSS severity Low 6.5 Developer Gemini Labs PSID 45dbc55b56d9 Credits Mika Required privilege...

JVN#60978548: WordPress plugin "Site Reviews" vulnerable to cross-site scripting

The WordPress plugin "Site Reviews" provided by Gemini Labs contains a stored cross-site scripting vulnerability CWE-79. Impact An arbitrary script may be executed on a logged in user's web browser. Solution Update the plugin Update the plugin according to the information provided by the develope...