WordPress Widgets for Google Reviews plugin <= 13.2.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via trustindex Shortcode vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 6.5
WordPress Widgets for Google Reviews plugin <= 13.2.4 - Unauthenticated Stored Cross-Site Scripting via Google Reviews vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Scripting (XSS)
- Score:
- 7.1
References
PatchStack
CVE
Timeline
- Publicly Published
- 2025-12-08
- Created
- 2025-12-05
WordPress Widgets for Google Reviews plugin <= 11.0.2 - Arbitrary File Upload vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Arbitrary File Upload
- Score:
- 8
References
PatchStack
CVE
Timeline
- Publicly Published
- 2023-11-22
- Created
- 2023-11-22
Wordpress Widgets for Google Reviews plugin <= 10.9 - Cross-Site Request Forgery to Plugin Settings Reset vulnerability
Don't mute a vulnerability until you've confirmed your current version has a fix, or the issue doesn't affect your site.
- Type:
- Cross Site Request Forgery (CSRF)
- Score:
- 4.3