PT-2026-27049 · Unknown+1 · Woocommerce+1
Abrahack
·
Publicado
2026-03-23
·
Atualizado
2026-03-24
·
CVE-2025-10734
CVSS v3.1
5.3
Média
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
Name of the Vulnerable Software and Affected Versions
ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress versions up to and including 2.2.12
Description
The ReviewX plugin for WordPress is susceptible to exposure of sensitive information. Unauthenticated attackers can potentially extract sensitive data, including user names, emails, phone numbers, and addresses, through the
syncedData function.Recommendations
Update the ReviewX plugin to a version later than 2.2.12.
Correção
Insecure Storage of Sensitive Information
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Reviewx
Woocommerce