Plugin For Google Reviews
by Richplugins
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-44580 | Cri | 0.59 | 9.1 | 0.01 | Mar 15, 2023 | SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Google Reviews plugin <= 2.2.3 versions. | ||
| CVE-2023-6884 | Med | 0.42 | 6.4 | 0.01 | Feb 5, 2024 | This plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on the 'place_id' attribute. This makes it possible for authenticated attackers… | ||
| CVE-2022-45369 | Med | 0.28 | 4.3 | 0.01 | Nov 18, 2022 | Auth. (subscriber+) Broken Access Control vulnerability in Plugin for Google Reviews plugin <= 2.2.2 on WordPress. |
- risk 0.59cvss 9.1epss 0.01
SQL Injection (SQLi) vulnerability in RichPlugins Plugin for Google Reviews plugin <= 2.2.3 versions.
- risk 0.42cvss 6.4epss 0.01
This plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode in all versions up to, and including, 3.1 due to insufficient input sanitization and output escaping on the 'place_id' attribute. This makes it possible for authenticated attackers…
- risk 0.28cvss 4.3epss 0.01
Auth. (subscriber+) Broken Access Control vulnerability in Plugin for Google Reviews plugin <= 2.2.2 on WordPress.