Gowebsolutions Wp Customer Reviews — known CVE vulnerabilities
Every CVE whose affected-product data names Gowebsolutions Wp Customer Reviews, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2021-24135 — CVSS 6.1 (medium): Unvalidated input and lack of output encoding in the WP Customer Reviews WordPress plugin, versions before 3.4.3, lead to multiple Stored…
CVE-2024-1849 — CVSS 5.4 (medium): The WP Customer Reviews WordPress plugin before 3.7.1 does not validate a parameter allowing contributor and above users to redirect a page…
CVE-2021-24296 — CVSS 4.8 (medium): The WP Customer Reviews WordPress plugin before 3.5.6 did not sanitise some of its settings, allowing high privilege users such as…
CVE-2023-4648 — CVSS 4.4 (medium): The WP Customer Reviews plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in versions up to, and…
CVE-2023-4686 — CVSS 4.3 (medium): The WP Customer Reviews plugin for WordPress is vulnerable to Sensitive Information Exposure in versions up to, and including, 3.6.6 via…