Really Simple Security logo

Log out
Get PRO

Latest

Input validation vulnerability in ReviewX – Multi-criteria Rating & Reviews for WooCommerce 1.6.28

  • Severity: medium-risk
  • Status: Fixed
  • Publication: August 16, 2024

The ReviewX plugin for WordPress, which allows customers to leave ratings and reviews on WooCommerce products, has a security issue. This issue affects all versions of the plugin up to 1.6.28. The problem is that the plugin does not properly check the ratings that are submitted, so it is possible for someone without proper authorization to submit ratings with incorrect information.

Detected in:

ReviewX – Multi-criteria Rating & Reviews for WooCommerce fixed vulnerable versions: >= * <= 1.6.28
ReviewX – WooCommerce Product Reviews Plugin (Judge.me Alternative with Multi-Criteria, Emails, Schema & More) fixed vulnerable versions:
ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More fixed vulnerable versions:

This information is sourced from www.wpvulnerability.com. An open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21

  • Incorrect?

Is this information incorrect? Please leave us a message.