Lucene search
K

117 matches found

Nuclei
Nuclei
added 17 hours ago41 views

Site Reviews < 7.2.5 - Unauthenticated Stored XSS

Site Reviews WordPress plugin before 7.2.5 contains a stored cross-site scripting caused by improper sanitization and escaping of review fields, letting unauthenticated users execute malicious scripts, exploit requires no authentication. id: CVE-2025-1232 info: name: Site Reviews 7.2.5 -...

8.8CVSS7.1AI score0.01856EPSS
Exploits1References3
NVD
NVD
added 2026/06/26 3:16 p.m.5 views

CVE-2026-57318

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS0.00355EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/26 2:52 p.m.4 views

EUVD-2026-39731

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/26 2:52 p.m.32 views

CVE-2026-57318 WordPress Site Reviews plugin <= 8.0.11 - Sensitive Data Exposure vulnerability

Subscriber Sensitive Data Exposure in Site Reviews = 8.0.11 versions...

6.5CVSS0.00355EPSS
Exploits0References1
CVE
CVE
added 2026/06/26 2:52 p.m.11 views

CVE-2026-57318

Affected software : WordPress Site Reviews plugin (

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:28 a.m.4 views

CVE-2023-49832

Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through = 6.10.2...

5.3CVSS5.8AI score0.00485EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:54 a.m.11 views

CVE-2025-1232

The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Stored XSS attacks...

8.8CVSS6AI score0.01856EPSS
Exploits1References1
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2018-1413

Malware in sbrugna...

6.1CVSS6.3AI score0.01309EPSS
Exploits0References4
EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2021-11885

Malware in sbrugna...

6.1CVSS6.2AI score0.01314EPSS
Exploits2References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.2 views

EUVD-2023-53740

Malicious code in bioql PyPI...

5.3CVSS6.6AI score0.00485EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2024-26134

Malicious code in bioql PyPI...

5.9CVSS8.6AI score0.00325EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2022-49583

Malicious code in bioql PyPI...

9.8CVSS9.2AI score0.00702EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-23769

Malicious code in bioql PyPI...

4.8CVSS6.4AI score0.00501EPSS
Exploits2References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2025-6715

Malicious code in bioql PyPI...

8.8CVSS8.7AI score0.01856EPSS
Exploits1References2
EUVD
EUVD
added 2025/10/03 8:7 p.m.3 views

EUVD-2023-31361

Malicious code in bioql PyPI...

4.3CVSS8.5AI score0.00385EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.5 views

EUVD-2023-31365

Malicious code in bioql PyPI...

6.5CVSS5.7AI score0.00411EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.4 views

EUVD-2023-31348

Malicious code in bioql PyPI...

6.5CVSS5.8AI score0.00401EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:56 a.m.7 views

CVE-2024-2293

The Site Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the user display name in all versions up to, and including, 6.11.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with subscriber access and abov...

6.4CVSS5.8AI score0.00551EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:9 a.m.4 views

CVE-2024-3050

The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking...

9.1CVSS6.7AI score0.00565EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/23 8:55 a.m.4 views

CVE-2024-29095

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gemini Labs Site Reviews site-reviews.This issue affects Site Reviews: from n/a through = 6.11.6...

5.9CVSS7.2AI score0.00325EPSS
Exploits0References1
Rows per page
Query Builder