cleantalk
Vulnerabilities and Security Researches

ReviewX – Multi-criteria Rating & Reviews for WooCommerce, CVE-2025-10734

CVE, Research URL

CVE-2025-10734

Home page URL

Security reports for ReviewX – Multi-criteria Rating & Reviews for WooCommerce

Application

ReviewX – Multi-criteria Rating & Reviews for WooCommerce

Published on
Mar 23, 2026
Research Description
The ReviewX – WooCommerce Product Reviews with Multi-Criteria, Reminder Emails, Google Reviews, Schema & More plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 2.2.12 via the syncedData function. This makes it possible for unauthenticated attackers to extract sensitive data including user names, emails, phone numbers, addresses.
Affected versions
max 2.2.12.
Status
vulnerable
Previous vulnerability researches
ReviewX – Multi-criteria Rating & Reviews for WooCommerce (CVE-2023-40670) , Jun 10, 2024
ReviewX – Multi-criteria Rating & Reviews for WooCommerce (CVE-2023-2833) , Jun 06, 2024
ReviewX – Multi-criteria Rating & Reviews for WooCommerce (CVE-2022-46809) , Jun 06, 2024
ReviewX – Multi-criteria Rating & Reviews for WooCommerce (CVE-2023-26325) , Jun 06, 2024
ReviewX – Multi-criteria Rating & Reviews for WooCommerce (CVE-2024-29812) , Jun 06, 2024
New vulnerability
BackWPup – WordPress Backup Plugin (CVE-2025-15041) , Mar 29, 2026
hCaptcha for WordPress (CVE-2026-25315) , Mar 29, 2026
Breeze – WordPress Cache Plugin (CVE-2025-13864) , Mar 29, 2026
SMTP Mailer (CVE-2026-32538) , Mar 29, 2026
Best WordPress Gallery Plugin – FooGallery (CVE-2026-25362) , Mar 29, 2026