Live Vulnerability Intelligence

Threat Database

Search CVEs, inspect descriptions, and open detail pages with AI-assisted technical context.

Total2

Critical0

High1

Medium1

Search Severity Year Type Sort Order

Reset

Showing 1-2 of 2 records

Threat Entry Updated 2025-03-11

CVE-2025-1707 - Review Schema Plugin

The Review Schema plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 2.2.4 via post meta. This makes it possible for authenticated attackers, with contributor-level and above permissions, to include and execute arbitrary files on the server, allowing the execution of any PHP code in those files. This can be used to bypass access controls, obtain sensitive data, or achieve code execution in cases where php file type can be uploaded and included.

PLUGIN Review Schema

CVE-2025-1707

HIGH CVSS 8.8 2025-03-11

Risk Score

Open Full Technical Breakdown

Threat Entry Updated 2024-11-21

CVE-2024-0836 - Review Schema Plugin

The WordPress Review & Structure Data Schema Plugin – Review Schema plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the rtrs_review_edit() function in all versions up to, and including, 2.1.14. This makes it possible for authenticated attackers, with subscriber-level access and above, to modify arbitrary reviews.

PLUGIN Review Schema

CVE-2024-0836

MEDIUM CVSS 4.3 2024-01-31

Risk Score

Open Full Technical Breakdown

Blog

"Prevention is cheaper than a breach"

Threat Database

CVE-2025-1707 - Review Schema Plugin

CVE-2024-0836 - Review Schema Plugin

Company Links

Contact Us