CVE-2025-14891 | Customer Reviews for WooCommerce Plugin up to 5.93.1 on WordPress displayName cross site scripting

Inserito da Angelo Barbosa | Gen 6, 2026 | CVE

A vulnerability identified as problematic has been detected in Customer Reviews for WooCommerce Plugin up to 5.93.1 on WordPress. Affected by this vulnerability is an unknown functionality. This manipulation of the argument displayName causes cross site scripting.

This vulnerability is handled as CVE-2025-14891. The attack can be initiated remotely. There is not any exploit available.

CVE-2025-14891 | Customer Reviews for WooCommerce Plugin up to 5.93.1 on WordPress displayName cross site scripting

Post correlati

CVE-2024-13151 | Logo Retail Sales Management up to 20250918 authorization bypass through user-controlled sql primary key

CVE-2024-1496 | Featured Image from URL Plugin up to 4.6.2 on WordPress fifu_input_url cross site scripting

CVE-2024-25567 | Delta Electronics DIAEnergie prior 1.10.00.005 path traversal (icsa-24-074-12)

CVE-2025-67731 | Aarondoran servify-express up to 1.1 JSON Parser express.json resource consumption