Input validation vulnerability in Widgets for Google Reviews 11.0.2

The Widgets for Google Reviews plugin for WordPress has a security vulnerability in all versions up to 11.0.2. Attackers with editor-level access or above can use it to upload files to the affected website's server, which in some cases could allow them to run code on the server. The vulnerability can only be exploited in unique situations where the server is overwhelmed and the unlink() call is not triggered immediately after move_uploaded_file().

Detected in:

Customer Reviews Collector for WooCommerce fixed vulnerable versions: >= * <= 3.9
Review Widgets for Szallas.hu fixed vulnerable versions: >= * <= 11.0.2
Widgets for Airbnb Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Alibaba Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for AliExpress Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Amazon Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Árukereső Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Booking.com Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Capterra Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Ebay Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Foursquare Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Google Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Hotels.com Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Opentable Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Reviews & Recommendations fixed vulnerable versions: >= * <= 11.0.2
Widgets for SourceForge Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Thumbtack Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for WordPress Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Yelp Reviews fixed vulnerable versions: >= * <= 11.0.2
Widgets for Zillow Reviews fixed vulnerable versions: >= * <= 11.0.2
WP Tripadvisor Review Widgets fixed vulnerable versions: >= * <= 11.0.2

This information is sourced from www.wpvulnerability.com, an open-source database of vulnerabilities maintained by the community. Help us out by submitting vulnerabilities!

Version compare shows which versions have a vulnerability. For example: >= 2.2.8 <= 2.2.21 means:

> from 2.2.8
= including 2.2.8 & 2.2.21
< to 2.2.21
