A certain tool used for WooCommerce reviews on WordPress, called ReviewShort plugin, has a security issue in versions up to 1.01.3. This means that someone could pretend to be a legitimate user and create a new shortcode, as long as they can trick the site’s administrator into clicking on a link.