8

CVE-2023-48275

WordPress Widgets for Google Reviews plugin <= 11.0.2 - Arbitrary File Upload vulnerability

Multiple Plugins by Trustindex.io <= (Various Versions) - Authenticated (Editor+) Arbitrary File Upload

Unrestricted Upload of File with Dangerous Type vulnerability in Trustindex.Io Widgets for Google Reviews. This issue affects Widgets for Google Reviews: from n/a through 11.0.2.
Possible mitigation
Customer Reviews Collector for WooCommerce: Update to version 4.0, or a newer patched version
Widgets for Reviews & Recommendations: Update to version 11.1, or a newer patched version
Widgets for Airbnb Reviews: Update to version 11.1, or a newer patched version
Widgets for Amazon Reviews: Update to version 11.1, or a newer patched version
Widgets for Árukereső Reviews: Update to version 11.1, or a newer patched version
Widgets for Booking.com Reviews: Update to version 11.1, or a newer patched version
Widgets for Capterra Reviews: Update to version 11.1, or a newer patched version
Widgets for Foursquare Reviews: Update to version 11.1, or a newer patched version
Widgets for Hotels.com Reviews: Update to version 11.1, or a newer patched version
Widgets for Opentable Reviews: Update to version 11.1, or a newer patched version
Review Widgets for Szallas.hu: Update to version 11.1, or a newer patched version
WP Tripadvisor Review Widgets: Update to version 11.1, or a newer patched version
Widgets for WordPress Reviews: Update to version 11.1, or a newer patched version
Widgets for Yelp Reviews: Update to version 11.1, or a newer patched version
Widgets for Alibaba Reviews: Update to version 11.1, or a newer patched version
Widgets for AliExpress Reviews: Update to version 11.1, or a newer patched version
Widgets for Ebay Reviews: Update to version 11.1, or a newer patched version
Widgets for SourceForge Reviews: Update to version 11.1, or a newer patched version
Widgets for Thumbtack Reviews: Update to version 11.1, or a newer patched version
Widgets for Zillow Reviews: Update to version 11.1, or a newer patched version
Widgets for Google Reviews: Update to version 11.1, or a newer patched version
Data provided by the CVE Program from Authorized Data Publishers (ADP) (unstructured)
Vendor: trustindex
Product: widgets_for_google_reviews
Default status: unknown
Version: <= 11.0.2
Version: 0
Status: affected
Additional vulnerability information
System | Product | Version
WordPress Plugin | Customer Reviews Collector for WooCommerce | *-3.9
WordPress Plugin | Widgets for Reviews & Recommendations | *-11.0.2
WordPress Plugin | Widgets for Airbnb Reviews | *-11.0.2
WordPress Plugin | Widgets for Amazon Reviews | *-11.0.2
WordPress Plugin | Widgets for Árukereső Reviews | *-11.0.2
WordPress Plugin | Widgets for Booking.com Reviews | *-11.0.2
WordPress Plugin | Widgets for Capterra Reviews | *-11.0.2
WordPress Plugin | Widgets for Foursquare Reviews | *-11.0.2
WordPress Plugin | Widgets for Hotels.com Reviews | *-11.0.2
WordPress Plugin | Widgets for Opentable Reviews | *-11.0.2
WordPress Plugin | Review Widgets for Szallas.hu | *-11.0.2
WordPress Plugin | WP Tripadvisor Review Widgets | *-11.0.2
WordPress Plugin | Widgets for WordPress Reviews | *-11.0.2
WordPress Plugin | Widgets for Yelp Reviews | *-11.0.2
WordPress Plugin | Widgets for Alibaba Reviews | *-11.0.2
WordPress Plugin | Widgets for AliExpress Reviews | *-11.0.2
WordPress Plugin | Widgets for Ebay Reviews | *-11.0.2
WordPress Plugin | Widgets for SourceForge Reviews | *-11.0.2
WordPress Plugin | Widgets for Thumbtack Reviews | *-11.0.2
WordPress Plugin | Widgets for Zillow Reviews | *-11.0.2
WordPress Plugin | Widgets for Google Reviews | *-11.0.2
No alert was found for this CVE.
EPSS metrics
Type | Source | Score | Percentile
EPSS | FIRST.org | 0.54% | 0.408
CVSS metrics
Source | Base Score | Exploit Score | Impact Score | Vector String
audit@patchstack.com | 8 | 1.3 | 6 | CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE-434 Unrestricted Upload of File with Dangerous Type

The product allows the upload or transfer of dangerous file types that are automatically processed within its environment.

https://patchstack.com/database/vulnerability/wp-reviews-plugin-for-google/wordpress-widgets-for-google-reviews-plugin-11-0-2-arbitrary-file-upload-vulnerability?_s_id=cve
https://www.wordfence.com/threat-intel/vulnerabilities/id/504c0132-530b-4184-b19a-97e68df79b48
Third Party Advisory