VYPR

Site Reviews

by Geminilabs

CVEs (5)

  • CVE-2022-46801MedNov 7, 2023
    risk 0.40cvss 6.1epss 0.01

    Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0.

  • CVE-2023-49832MedDec 9, 2024
    risk 0.34cvss 5.3epss 0.00

    Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.10.2.

  • CVE-2023-27625MedDec 9, 2024
    risk 0.28cvss 4.3epss 0.00

    Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.5.0.

  • CVE-2025-1232Mar 19, 2025
    risk 0.02cvss epss 0.02

    The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Stored XSS attacks

  • CVE-2024-3050May 29, 2024
    risk 0.00cvss epss 0.01

    The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking