Medium severity5.3NVD Advisory· Published Feb 26, 2026· Updated Apr 28, 2026
CVE-2026-28132
CVE-2026-28132
Description
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.4.4.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: <=1.4.4
Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.