Improper Neutralization of Formula Elements in a CSV File vulnerability in WPDeveloper ReviewX β Multi-criteria Rating & Reviews for WooCommerce.This issue affects ReviewX β Multi-criteria Rating & Reviews for WooCommerce: from n/a through 1.6.7.
9.8CVSS
9.3AI Score
0.001EPSS
The 'rx_export_review' action in the ReviewX WordPress Plugin, is affected by an authenticated SQL injection vulnerability in the 'filterValue' and 'selectedColumns' parameters.
8.8CVSS
8.9AI Score
0.001EPSS
The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their...
8.8CVSS
8.4AI Score
0.002EPSS