Villatheme Woocommerce Photo Reviews vulnerabilities
3 known vulnerabilities affecting villatheme/woocommerce_photo_reviews.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
1
Severity breakdown
CRITICAL1HIGH1MEDIUM1
Vulnerabilities
Page 1 of 1
CVE-2024-8277P1CRITICALCVSS 9.8Exploitedfixed in 1.3.142024-09-11
CVE-2024-8277 [CRITICAL] CWE-288 CVE-2024-8277: The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in
The WooCommerce Photo Reviews Premium plugin for WordPress is vulnerable to authentication bypass in all versions up to, and including, 1.3.13.2. This is due to the plugin not properly validating what user transient is being used in the login() function and not properly verifying the user's identity. This makes it possible for unauthenticated attack
nvd
CVE-2025-47570P4HIGHCVSS 7.1≤ 1.3.132025-09-09
CVE-2025-47570 [HIGH] CWE-79 CVE-2025-47570: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability i
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.3.13.
nvd
CVE-2026-28132P4MEDIUMCVSS 5.3≤ 1.4.42026-02-26
CVE-2026-28132 [MEDIUM] CWE-80 CVE-2026-28132: Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villa
Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.4.4.
nvd