Site Reviews

1 CVEs product

Monthly

Sort: Newest CVSS Score EPSS Score Oldest

CVE-2025-1232 HIGH POC THREAT This Week

The Site Reviews WordPress plugin before version 7.2.5 contains a stored XSS vulnerability via review fields. Unauthenticated users can inject malicious scripts through review submissions that execute when administrators view the reviews in the dashboard, enabling admin session hijacking.

WordPress XSS Site Reviews PHP

NVD WPScan

CVSS 3.1

8.8

EPSS

53.1%

CVE-2025-1232

EPSS 53% CVSS 8.8

HIGH POC THREAT This Week

The Site Reviews WordPress plugin before version 7.2.5 contains a stored XSS vulnerability via review fields. Unauthenticated users can inject malicious scripts through review submissions that execute when administrators view the reviews in the dashboard, enabling admin session hijacking.

WordPress XSS Site Reviews +1

NVD WPScan

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy