Geminilabs
Products
1- 5 CVEs
Recent CVEs
5| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-46801 | Med | 0.40 | 6.1 | 0.01 | Nov 7, 2023 | Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0. | ||
| CVE-2023-49832 | Med | 0.34 | 5.3 | 0.00 | Dec 9, 2024 | Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.10.2. | ||
| CVE-2023-27625 | Med | 0.28 | 4.3 | 0.00 | Dec 9, 2024 | Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.5.0. | ||
| CVE-2025-1232 | 0.02 | — | 0.02 | Mar 19, 2025 | The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Stored XSS attacks | |||
| CVE-2024-3050 | 0.00 | — | 0.01 | May 29, 2024 | The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking |
- risk 0.40cvss 6.1epss 0.01
Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0.
- risk 0.34cvss 5.3epss 0.00
Missing Authorization vulnerability in Gemini Labs Site Reviews site-reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through <= 6.10.2.
- risk 0.28cvss 4.3epss 0.00
Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.5.0.
- CVE-2025-1232Mar 19, 2025risk 0.02cvss —epss 0.02
The Site Reviews WordPress plugin before 7.2.5 does not properly sanitise and escape some of its Review fields, which could allow unauthenticated users to perform Stored XSS attacks
- CVE-2024-3050May 29, 2024risk 0.00cvss —epss 0.01
The Site Reviews WordPress plugin before 7.0.0 retrieves client IP addresses from potentially untrusted headers, allowing an attacker to manipulate its value. This may be used to bypass IP-based blocking