VYPR

Woocommerce Photo Reviews

by WordPress

CVEs (3)

  • CVE-2024-8277CriSep 11, 2024
    risk 0.64cvss 9.8epss 0.02

    The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly…

  • CVE-2025-47570HigSep 9, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.3.13.

  • CVE-2026-28132MedFeb 26, 2026
    risk 0.34cvss 5.3epss 0.00

    Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.4.4.