Vulnerabilities and security research for embedder-for-google-reviews
Jun 07, 2024
Google Reviews WordPress Plugin (Widget to add and display reviews) # 6c2ad8e1f17e8fda8cdcf6e1b760d67c74bba1a6
Security reports for Google Reviews WordPress Plugin (Widget to add and display reviews)
- Date
- Jul 18, 2023
- Research Description
- Google Reviews WordPress Plugin (Widget to add and display reviews) [embedder-for-google-reviews] < 1.5.12. WordPress Embedder for Google Reviews Plugin < 1.5.12 is vulnerable to Cross Site Scripting (XSS). Update the plugin to the latest version. Rafie Muhammad (Patchstack) discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Embedder for Google Reviews Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads, into your website, which will be executed when guests visit your site. This vulnerability has been fixed in version 1.5.12.
- Affected versions
- max 1.5.12.
- Status
- vulnerable
Aug 16, 2025
Google Reviews WordPress Plugin (Widget to add and display reviews) # CVE-2025-54730
Security reports for Google Reviews WordPress Plugin (Widget to add and display reviews)
- Date
- Aug 15, 2025
- Research Description
- Missing Authorization vulnerability in PARETO Digital Embedder for Google Reviews allows Accessing Functionality Not Properly Constrained by ACLs. This issue affects Embedder for Google Reviews: from n/a through 1.7.3.
- Affected versions
- max 1.7.4.
- Status
- vulnerable
May 02, 2026
Google Reviews WordPress Plugin (Widget to add and display reviews) # CVE-2024-13362
Security reports for Google Reviews WordPress Plugin (Widget to add and display reviews)
- Date
- May 01, 2026
- Research Description
- Multiple plugins and/or themes for WordPress are vulnerable to Reflected Cross-Site Scripting via the url parameter in various versions due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that execute if they can successfully trick a user into performing an action such as clicking on a link.
- Affected versions
- max 8.0.8.
- Status
- vulnerable