Refine your search
6 vulnerabilities found for ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema by reviewx
CVE-2025-10734 (GCVE-0-2025-10734)
Vulnerability from cvelistv5
Published
2026-03-23 05:29
Modified
2026-04-08 17:31
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-922 - Insecure Storage of Sensitive Information
Summary
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated attackers to extract sensitive data including user names, emails, phone numbers, addresses.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema |
Version: 0 ≤ 2.2.12 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T15:17:50.320955Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:52:55.005Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ReviewX \u2013 Multi-Criteria Reviews for WooCommerce with Google Reviews \u0026 Schema",
"vendor": "reviewx",
"versions": [
{
"lessThanOrEqual": "2.2.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "abrahack"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated attackers to extract sensitive data including user names, emails, phone numbers, addresses."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-922",
"description": "CWE-922 Insecure Storage of Sensitive Information",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:31:13.762Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/eb830ad3-50ba-4dfe-becb-351b227706c1?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/app/Rest/Controllers/DataSyncController.php#L77"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-05T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-11-19T16:49:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-03-22T16:26:54.000Z",
"value": "Disclosed"
}
],
"title": "ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More \u003c= 2.2.12 - Unauthenticated Sensitive Information Exposure"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10734",
"datePublished": "2026-03-23T05:29:39.286Z",
"dateReserved": "2025-09-19T14:55:16.957Z",
"dateUpdated": "2026-04-08T17:31:13.762Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10679 (GCVE-0-2025-10679)
Vulnerability from cvelistv5
Published
2026-03-23 05:29
Modified
2026-04-08 16:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Summary
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to arbitrary method calls in all versions up to, and including, 2.2.12. This is due to insufficient input validation in the bulkTenReviews function that allows user-controlled data to be passed directly to a variable function call mechanism. This makes it possible for unauthenticated attackers to call arbitrary PHP class methods that take no inputs or have default values, potentially leading to information disclosure or remote code execution depending on available methods and server configuration.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema |
Version: 0 ≤ 2.2.12 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10679",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-25T13:57:54.254461Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-25T13:58:08.798Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ReviewX \u2013 Multi-Criteria Reviews for WooCommerce with Google Reviews \u0026 Schema",
"vendor": "reviewx",
"versions": [
{
"lessThanOrEqual": "2.2.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "abrahack"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More plugin for WordPress is vulnerable to arbitrary method calls in all versions up to, and including, 2.2.12. This is due to insufficient input validation in the bulkTenReviews function that allows user-controlled data to be passed directly to a variable function call mechanism. This makes it possible for unauthenticated attackers to call arbitrary PHP class methods that take no inputs or have default values, potentially leading to information disclosure or remote code execution depending on available methods and server configuration."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 7.3,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:34:25.788Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/0935ede4-05bc-48a2-94a3-8d92002e02bb?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/routes/api.php#L220"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/app/Rest/Controllers/ReviewController.php#L426"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/app/Services/ReviewService.php#L731"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/app/Utilities/Helper.php#L65"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-05T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-11-19T16:49:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-03-22T16:26:52.000Z",
"value": "Disclosed"
}
],
"title": "ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More \u003c= 2.2.12 - Unauthenticated Limited Remote Code Execution"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10679",
"datePublished": "2026-03-23T05:29:38.908Z",
"dateReserved": "2025-09-18T08:54:40.666Z",
"dateUpdated": "2026-04-08T16:34:25.788Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10731 (GCVE-0-2025-10731)
Vulnerability from cvelistv5
Published
2026-03-23 05:29
Modified
2026-04-08 16:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the allReminderSettings function. This makes it possible for unauthenticated attackers to obtain authentication tokens and subsequently bypass admin restrictions to access and export sensitive data including order details, names, emails, addresses, phone numbers, and user information.
References
| URL | Tags | |||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema |
Version: 0 ≤ 2.2.12 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10731",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T15:51:44.063879Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:52:18.498Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ReviewX \u2013 Multi-Criteria Reviews for WooCommerce with Google Reviews \u0026 Schema",
"vendor": "reviewx",
"versions": [
{
"lessThanOrEqual": "2.2.12",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "abrahack"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the allReminderSettings function. This makes it possible for unauthenticated attackers to obtain authentication tokens and subsequently bypass admin restrictions to access and export sensitive data including order details, names, emails, addresses, phone numbers, and user information."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:33:48.942Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/06b290c2-e458-46da-abed-0ab5d63d1550?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/app/Rest/Controllers/EmailTemplateController.php#L165"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/app/Rest/Middleware/AdminMiddleware.php#L11"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/2.2.7/app/Rest/Controllers/DataSyncController.php#L68"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-05T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-11-19T16:49:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-03-22T16:26:51.000Z",
"value": "Disclosed"
}
],
"title": "ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More \u003c= 2.2.12 - Unauthenticated Sensitive Information Exposure to Data Export"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10731",
"datePublished": "2026-03-23T05:29:38.347Z",
"dateReserved": "2025-09-19T14:25:45.633Z",
"dateUpdated": "2026-04-08T16:33:48.942Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-10736 (GCVE-0-2025-10736)
Vulnerability from cvelistv5
Published
2026-03-23 04:26
Modified
2026-04-08 16:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-285 - Improper Authorization
Summary
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to unauthorized access of data due to improper authorization checks on the userAccessibility() function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to access protected REST API endpoints, extract and modify information related to users and plugin's configuration
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema |
Version: 0 ≤ 2.2.10 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-10736",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-03-23T15:59:42.744976Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-03-23T15:59:56.033Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ReviewX \u2013 Multi-Criteria Reviews for WooCommerce with Google Reviews \u0026 Schema",
"vendor": "reviewx",
"versions": [
{
"lessThanOrEqual": "2.2.10",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "abrahack"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More plugin for WordPress is vulnerable to unauthorized access of data due to improper authorization checks on the userAccessibility() function in all versions up to, and including, 2.2.10. This makes it possible for unauthenticated attackers to access protected REST API endpoints, extract and modify information related to users and plugin\u0027s configuration"
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-285",
"description": "CWE-285 Improper Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T16:52:17.350Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/505d7072-8fca-4b86-9b9c-3f39bc4dcfaf?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/2.2.7/app/Rest/Middleware/AuthMiddleware.php#L41"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-09-05T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2025-11-19T16:49:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2026-03-22T16:23:54.000Z",
"value": "Disclosed"
}
],
"title": "ReviewX \u2013 WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema \u0026 More \u003c= 2.2.10 - Incorrect Authorization to Unauthenticated Information Exposure and Data Manipulation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2025-10736",
"datePublished": "2026-03-23T04:26:48.393Z",
"dateReserved": "2025-09-19T15:20:07.761Z",
"dateUpdated": "2026-04-08T16:52:17.350Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2024-3609 (GCVE-0-2024-3609)
Vulnerability from cvelistv5
Published
2024-05-16 20:31
Modified
2026-04-08 17:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-862 - Missing Authorization
Summary
The ReviewX – Multi-criteria Rating & Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the reviewx_remove_guest_image function in all versions up to, and including, 1.6.27. This makes it possible for authenticated attackers, with subscriber access and above, to delete attachments.
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema |
Version: 0 ≤ 1.6.27 |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-3609",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-05-20T14:48:38.041432Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-06-04T17:32:43.365Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
},
{
"providerMetadata": {
"dateUpdated": "2024-08-01T20:19:58.893Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8152adf-1ca9-4a19-b539-39e257ab94c8?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3086273%40reviewx%2Ftrunk\u0026old=3054184%40reviewx%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ReviewX \u2013 Multi-Criteria Reviews for WooCommerce with Google Reviews \u0026 Schema",
"vendor": "reviewx",
"versions": [
{
"lessThanOrEqual": "1.6.27",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lucio S\u00e1"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ReviewX \u2013 Multi-criteria Rating \u0026 Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized deletion of data due to a missing capability check on the reviewx_remove_guest_image function in all versions up to, and including, 1.6.27. This makes it possible for authenticated attackers, with subscriber access and above, to delete attachments."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-862",
"description": "CWE-862 Missing Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:33:53.413Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/f8152adf-1ca9-4a19-b539-39e257ab94c8?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=3086273%40reviewx%2Ftrunk\u0026old=3054184%40reviewx%2Ftrunk\u0026sfp_email=\u0026sfph_mail="
}
],
"timeline": [
{
"lang": "en",
"time": "2024-05-16T07:36:25.000Z",
"value": "Disclosed"
}
],
"title": "ReviewX \u2013 Multi-criteria Rating \u0026 Reviews for WooCommerce \u003c= 1.6.27 - Missing Authorization"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2024-3609",
"datePublished": "2024-05-16T20:31:04.842Z",
"dateReserved": "2024-04-10T17:31:53.592Z",
"dateUpdated": "2026-04-08T17:33:53.413Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2023-2833 (GCVE-0-2023-2833)
Vulnerability from cvelistv5
Published
2023-06-06 09:33
Modified
2026-04-08 17:00
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-269 - Improper Privilege Management
Summary
The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the 'rx_set_screen_options' function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the 'wp_screen_options[option]' and 'wp_screen_options[value]' parameters during a screen option update.
References
| URL | Tags | ||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| reviewx | ReviewX – Multi-Criteria Reviews for WooCommerce with Google Reviews & Schema |
Version: 0 ≤ 1.6.13 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T06:33:05.515Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70e1d701-2cff-4793-9e4c-5b16a4038e8d?source=cve"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/1.6.13/includes/rx-functions.php#L972"
},
{
"tags": [
"x_transferred"
],
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2916148%40reviewx\u0026old=2912114%40reviewx\u0026sfp_email=\u0026sfph_mail=#file472"
},
{
"tags": [
"x_transferred"
],
"url": "https://lana.codes/lanavdb/a889c3ff-5df0-4d7e-951f-0b0406468efa/"
},
{
"tags": [
"x_transferred"
],
"url": "https://www.wordfence.com/blog/2023/05/wpdeveloper-addresses-privilege-escalation-vulnerability-in-reviewx-wordpress-plugin/"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-2833",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-12-23T16:01:39.491724Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-12-23T16:22:51.376Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ReviewX \u2013 Multi-Criteria Reviews for WooCommerce with Google Reviews \u0026 Schema",
"vendor": "reviewx",
"versions": [
{
"lessThanOrEqual": "1.6.13",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Istv\u00e1n M\u00e1rton"
}
],
"descriptions": [
{
"lang": "en",
"value": "The ReviewX plugin for WordPress is vulnerable to privilege escalation in versions up to, and including, 1.6.13 due to insufficient restriction on the \u0027rx_set_screen_options\u0027 function. This makes it possible for authenticated attackers, with minimal permissions such as a subscriber, to modify their user role by supplying the \u0027wp_screen_options[option]\u0027 and \u0027wp_screen_options[value]\u0027 parameters during a screen option update."
}
],
"metrics": [
{
"cvssV3_1": {
"baseScore": 8.8,
"baseSeverity": "HIGH",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-269",
"description": "CWE-269 Improper Privilege Management",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-04-08T17:00:26.446Z",
"orgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"shortName": "Wordfence"
},
"references": [
{
"url": "https://www.wordfence.com/threat-intel/vulnerabilities/id/70e1d701-2cff-4793-9e4c-5b16a4038e8d?source=cve"
},
{
"url": "https://plugins.trac.wordpress.org/browser/reviewx/tags/1.6.13/includes/rx-functions.php#L972"
},
{
"url": "https://plugins.trac.wordpress.org/changeset?sfp_email=\u0026sfph_mail=\u0026reponame=\u0026new=2916148%40reviewx\u0026old=2912114%40reviewx\u0026sfp_email=\u0026sfph_mail=#file472"
},
{
"url": "https://lana.codes/lanavdb/a889c3ff-5df0-4d7e-951f-0b0406468efa/"
},
{
"url": "https://www.wordfence.com/blog/2023/05/wpdeveloper-addresses-privilege-escalation-vulnerability-in-reviewx-wordpress-plugin/"
}
],
"timeline": [
{
"lang": "en",
"time": "2023-05-20T00:00:00.000Z",
"value": "Discovered"
},
{
"lang": "en",
"time": "2023-05-20T00:00:00.000Z",
"value": "Vendor Notified"
},
{
"lang": "en",
"time": "2023-05-31T00:00:00.000Z",
"value": "Disclosed"
}
],
"title": "ReviewX \u003c= 1.6.13 - Arbitrary Usermeta Update to Authenticated (Subscriber+) Privilege Escalation"
}
},
"cveMetadata": {
"assignerOrgId": "b15e7b5b-3da4-40ae-a43c-f7aa60e62599",
"assignerShortName": "Wordfence",
"cveId": "CVE-2023-2833",
"datePublished": "2023-06-06T09:33:23.412Z",
"dateReserved": "2023-05-22T10:34:54.953Z",
"dateUpdated": "2026-04-08T17:00:26.446Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}