Paul Ryley Site Reviews vulnerabilities

5 known vulnerabilities affecting paul_ryley/site_reviews.

Total CVEs

5

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL1MEDIUM4

Vulnerabilities

Page 1 of 1

CVE-2023-27625MEDIUMCVSS 4.3≥ n/a, ≤ 6.5.02024-12-09

CVE-2023-27625 [MEDIUM] CWE-862 CVE-2023-27625: Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configu Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.5.0.

CVE-2023-49832MEDIUMCVSS 5.3≥ n/a, ≤ 6.10.22024-12-09

CVE-2023-49832 [MEDIUM] CWE-862 CVE-2023-49832: Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configu Missing Authorization vulnerability in Paul Ryley Site Reviews allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Site Reviews: from n/a through 6.10.2.

CVE-2022-46801CRITICALCVSS 9.8≥ n/a, ≤ 6.2.02023-11-07

CVE-2022-46801 [CRITICAL] CWE-1236 CVE-2022-46801: Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.T Improper Neutralization of Formula Elements in a CSV File vulnerability in Paul Ryley Site Reviews.This issue affects Site Reviews: from n/a through 6.2.0.

CVE-2023-27629MEDIUMCVSS 5.4≥ n/a, ≤ 6.5.12023-06-22

CVE-2023-27629 [MEDIUM] CWE-79 CVE-2023-27629: Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Paul Ryley Site Reviews plug Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Paul Ryley Site Reviews plugin <= 6.5.1 versions.

CVE-2023-27612MEDIUMCVSS 5.4≥ n/a, ≤ 6.5.12023-06-22

CVE-2023-27612 [MEDIUM] CWE-79 CVE-2023-27612: Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Paul Ryley Site Reviews plug Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in Paul Ryley Site Reviews plugin <= 6.5.1 versions.