Cusrev Customer Reviews For Woocommerce — known CVE vulnerabilities
Every CVE whose affected-product data names Cusrev Customer Reviews For Woocommerce, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (13)
CVE-2023-6979 — CVSS 8.8 (high): The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in…
CVE-2023-0080 — CVSS 8.8 (high): The Customer Reviews for WooCommerce WordPress plugin before 5.16.0 does not validate one of its shortcode attribute, which could allow…
CVE-2024-3731 — CVSS 6.1 (medium): The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 's' parameter in all…
CVE-2023-0079 — CVSS 5.4 (medium): The Customer Reviews for WooCommerce WordPress plugin before 5.17.0 does not validate and escape some of its shortcode attributes before…
CVE-2024-1044 — CVSS 5.3 (medium): The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability…
CVE-2022-40194 — CVSS 5.3 (medium): Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress
CVE-2022-38134 — CVSS 4.3 (medium): Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
CVE-2024-3869 — CVSS 4.3 (medium): The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on…
CVE-2022-38470 — CVSS 4.3 (medium): Cross-Site Request Forgery (CSRF) vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress.
CVE-2023-45101 — CVSS 4.3 (medium): Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce customer-reviews-woocommerce allows Exploiting Incorrectly…
CVE-2023-51692 — CVSS 4.3 (medium): Missing Authorization vulnerability in CusRev Customer Reviews for WooCommerce.This issue affects Customer Reviews for WooCommerce: from…
CVE-2024-10614 — CVSS 4.3 (medium): The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the…
CVE-2024-3243 — CVSS 4.3 (medium): The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized email sending due to a missing capability check on…