CVE-2023-6979 – Customer Reviews for WooCommerce <= 5.38.9 - Authenticated (Author+) Arbitrary File Upload
https://notcve.org/view.php?id=CVE-2023-6979
09 Jan 2024 — The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ivole_import_upload_csv AJAX action in all versions up to, and including, 5.38.9. This makes it possible for authenticated attackers, with author-level access and above, to upload arbitrary files on the affected site's server, which may make remote code execution possible. The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to file uploads ... • https://drive.proton.me/urls/K4R2HDQBS0#iuTPm3NqZEdz • CWE-434: Unrestricted Upload of File with Dangerous Type
CVE-2023-0079 – Customer Reviews for WooCommerce < 5.17.0 - Contributor+ Stored XSS
https://notcve.org/view.php?id=CVE-2023-0079
24 Jan 2023 — The Customer Reviews for WooCommerce WordPress plugin before 5.17.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embedded, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The WordPress Customer Reviews for WooCommerce plugin before 5.17.0 does not validate or escape some of its shortcode attributes before outputting them back in a page/post where it is embed... • https://wpscan.com/vulnerability/fdaba4d1-950d-4512-95de-cd43fe9e73e5 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
CVE-2023-0080 – Customer Reviews for WooCommerce < 5.16.0 - Contributor+ LFI
https://notcve.org/view.php?id=CVE-2023-0080
23 Jan 2023 — The Customer Reviews for WooCommerce WordPress plugin before 5.16.0 does not validate one of its shortcode attributes, which could allow users with a contributor role and above to include arbitrary files via a traversal attack. This could also allow them to read non-PHP files and retrieve their content. RCE could also be achieved if the attacker manages to upload a malicious image containing PHP code and then include it via the affected attribute; on a default WP install, authors could easily achieve that gi... • https://wpscan.com/vulnerability/6b0d63ed-e244-4f20-8f10-a6e0c7ccadd4 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVE-2022-38134 – WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Authenticated Broken Access Control vulnerability
https://notcve.org/view.php?id=CVE-2022-38134
22 Sep 2022 — Authenticated (subscriber+) Broken Access Control vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress. An Authenticated (subscriber+) Broken Access Control vulnerability in the Customer Reviews for WooCommerce plugin in versions up to and including 5.3.5 on WordPress. The Customer Reviews for WooCommerce plugin contains several AJAX actions that are not protected by capability or nonce checks in versions up to, and including, 5.3.5. This allows authenticated users, such as ... • https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-authenticated-broken-access-control-vulnerability/_s_id=cve • CWE-264: Permissions, Privileges, and Access Controls • CWE-284: Improper Access Control
CVE-2022-38470 – WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Cross-Site Request Forgery (CSRF) vulnerability
https://notcve.org/view.php?id=CVE-2022-38470
22 Sep 2022 — Cross-Site Request Forgery (CSRF) vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress. A Cross-Site Request Forgery (CSRF) vulnerability in the Customer Reviews for WooCommerce plugin in versions up to and including 5.3.5 on WordPress. The Customer Reviews for WooCommerce plugin contains several AJAX actions that are not protected by capability or nonce checks in versions up to, and including, 5.3.5. This allows unauthenticated attackers to perform actions that shoul... • https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-cross-site-request-forgery-csrf-vulnerability/_s_id=cve • CWE-352: Cross-Site Request Forgery (CSRF)
CVE-2022-40194 – WordPress Customer Reviews for WooCommerce plugin <= 5.3.5 - Sensitive Information Disclosure vulnerability
https://notcve.org/view.php?id=CVE-2022-40194
22 Sep 2022 — Unauthenticated Sensitive Information Disclosure vulnerability in Customer Reviews for WooCommerce plugin <= 5.3.5 at WordPress. An Unauthenticated Sensitive Information Disclosure vulnerability in the Customer Reviews for WooCommerce plugin in versions up to and including 5.3.5 on WordPress. The Customer Reviews for WooCommerce plugin contains several AJAX actions that are not protected by capability or nonce checks in versions up to, and including, 5.3.5. This allows authenticated users, such... • https://patchstack.com/database/vulnerability/customer-reviews-woocommerce/wordpress-customer-reviews-for-woocommerce-plugin-5-3-5-sensitive-information-disclosure-vulnerability/_s_id=cve • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor • CWE-285: Improper Authorization