Vulnerabilities > Cusrev > Customer Reviews FOR Woocommerce > 5.38.9
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-16 | CVE-2024-10614 | Missing Authorization vulnerability in Cusrev Customer Reviews for Woocommerce The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to unauthorized access due to a missing capability check on the cancel_import() function in all versions up to, and including, 5.61.0. | 4.3 |
| 2024-01-11 | CVE-2023-6979 | Unrestricted Upload of File with Dangerous Type vulnerability in Cusrev Customer Reviews for Woocommerce The Customer Reviews for WooCommerce plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the ivole_import_upload_csv AJAX action in all versions up to, and including, 5.38.9. | 8.8 |