Vulnerabilities and security researches forsocial-testimonials-and-reviews-widget social-testimonials-and-reviews-widget

Jun 07, 2024

CVE, Research URL: CVE-2023-45048
Home page URL: Security reports for Social proof testimonials and reviews by Repuso
Application: Social proof testimonials and reviews by Repuso
Date: Oct 12, 2023
Research Description: Cross-Site Request Forgery (CSRF) vulnerability in Repuso Social proof testimonials and reviews by Repuso plugin <= 5.00 versions.
Affected versions: max 5.02.
Status: vulnerable

Jun 10, 2024

CVE, Research URL: CVE-2023-46196
Home page URL: Security reports for Social proof testimonials and reviews by Repuso
Application: Social proof testimonials and reviews by Repuso
Date: Jan 02, 2025
Research Description: Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Social proof testimonials and reviews by Repuso: from n/a through 4.97.
Affected versions: max 5.00.
Status: vulnerable

Jan 16, 2025

CVE, Research URL: CVE-2024-13351
Home page URL: Security reports for Social proof testimonials and reviews by Repuso
Application: Social proof testimonials and reviews by Repuso
Date: Jan 15, 2025
Research Description: The Social proof testimonials and reviews by Repuso plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'rw_image_badge1' shortcode in all versions up to, and including, 5.20 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions: max 5.21.
Status: vulnerable

Apr 03, 2025

CVE, Research URL: CVE-2025-31886
Home page URL: Security reports for Social proof testimonials and reviews by Repuso
Application: Social proof testimonials and reviews by Repuso
Date: Apr 01, 2025
Research Description: Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Social proof testimonials and reviews by Repuso: from n/a through 5.21.
Affected versions: max 5.22.
Status: vulnerable

Nov 11, 2025

CVE, Research URL: CVE-2025-62071
Home page URL: Security reports for Social proof testimonials and reviews by Repuso
Application: Social proof testimonials and reviews by Repuso
Date: Oct 22, 2025
Research Description: Missing Authorization vulnerability in Repuso Social proof testimonials and reviews by Repuso social-testimonials-and-reviews-widget.This issue affects Social proof testimonials and reviews by Repuso: from n/a through <= 5.29.
Affected versions: max 5.29.
Status: vulnerable