cleantalk
Vulnerabilities and Security Researches

Ultimate Reviews, 6f21ed04a9f12ae477da929e077a2ecc2ffeb911

CVE, Research URL

6f21ed04a9f12ae477da929e077a2ecc2ffeb911

Home page URL

Security reports for Ultimate Reviews

Application

Ultimate Reviews

Published on
Nov 10, 2020
Research Description
Ultimate Reviews [ultimate-reviews] < 2.1.33 WordPress Ultimate Reviews plugin <= 2.1.32 - Insecure Deserialization vulnerability leading to unauthenticated PHP object injection Insecure Deserialization vulnerability leading to unauthenticated PHP object injection found by Jerome Bruandet (NinTechNet) in WordPress Ultimate Reviews plugin (versions <= 2.1.32).
Affected versions
max 2.1.33.
Status
vulnerable
Previous vulnerability researches
WP Ultimate Reviews FREE (CVE-2025-23739) , Mar 05, 2025
Ultimate Reviews (6f21ed04a9f12ae477da929e077a2ecc2ffeb911) , Jun 16, 2026
Ultimate Reviews (CVE-2025-49266) , Jun 15, 2025
Ultimate Reviews (CVE-2022-23979) , Jun 07, 2024
Ultimate Reviews (CVE-2024-25597) , Jun 07, 2024
New vulnerability
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (fc2d7281-abec-475b-8e8d-8dbc47de78da) , Jun 16, 2026
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (4336a858-e642-431f-9d69-9b8b5f6e5e36) , Jun 16, 2026
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (fbb699ffd6cd26aa92e9fbcfae6975f1a571a917) , Jun 16, 2026
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (5d24b553d035422e9f15d27c938820151be3e9ba) , Jun 16, 2026
WP SMS &#8211; Messaging &amp; SMS Notification for WordPress, WooCommerce, GravityForms, etc (c9038d9e6e459de1ff8abd00bd5a0f71e49ef5d8) , Jun 16, 2026