CVE-2025-63057

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Roxnor Wp Ultimate Review wp-ultimate-review allows DOM-Based XSS.This issue affects Wp Ultimate Review: from n/a through = 2.3.7...

CVE-2025-2158 WordPress Review Plugin: The Ultimate Solution for Building a Review Website <= 5.3.5 - Authenticated (Contributor+) Local File Inclusion via Post Custom Fields

The WordPress Review Plugin: The Ultimate Solution for Building a Review Website plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 5.3.5 via the Post custom fields. This makes it possible for authenticated attackers, with Contributor-level access and...

WordPress plugin WordPress Review Plugin 路径遍历漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A path traversal...

PT-2025-20619 · WordPress · The Wordpress Review Plugin

Name of the Vulnerable Software and Affected Versions: The WordPress Review Plugin: The Ultimate Solution for Building a Review Website versions up to, and including, 5.3.5 Description: The WordPress Review Plugin is vulnerable to Local File Inclusion, allowing authenticated attackers with...

WordPress WordPress Review Plugin plugin <= 5.3.5 - Authenticated (Contributor+) Local File Inclusion via Post Custom Fields vulnerability

Authenticated Contributor+ Local File Inclusion via Post Custom Fields vulnerability discovered by Hiroho Shimada in WordPress Plugin WordPress Review Plugin versions = 5.3.5...