PT-2025-9404 · WordPress · Wp Ultimate Reviews

João Pedro S Alcântara

·

Publicado

2025-03-03

·

Atualizado

2025-03-05

·

CVE-2025-23739

CVSS v3.1

7.1

Alta

VetorAV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L
Name of the Vulnerable Software and Affected Versions WP Ultimate Reviews FREE versions 1.0.2 and earlier
Description The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS attacks.
Recommendations For WP Ultimate Reviews FREE versions 1.0.2 and earlier, update to a version that contains a fix for this issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2025-23739

Produtos afetados

Wp Ultimate Reviews