PT-2026-27049 · Reviewx · Reviewx – Multi-Criteria Reviews For Woocommerce With Google Reviews & Schema
Abrahack
·
Published
2026-03-23
·
Updated
2026-03-23
·
CVE-2025-10734
CVSS v3.1
5.3
Medium
| AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated attackers to extract sensitive data including user names, emails, phone numbers, addresses.
Fix
Insecure Storage of Sensitive Information
Found an issue in the description? Have something to add? Feel free to write us 👾
Weakness Enumeration
Related Identifiers
Affected Products
Reviewx – Multi-Criteria Reviews For Woocommerce With Google Reviews & Schema