Rich Reviews <= 1.7.4 - Unauthenticated Plugin Options Update



Description
This issue was found to be actively exploited in the wild by security vendor Wordfence. Refer to the references for further details.

Affects Plugin

fixed in version 1.8.0

References

URL https://www.wordfence.com/blog/2019/09/rich-reviews-plugin-vulnerability-exploited-in-the-wild/
URL https://wordpress.org/support/topic/plugin-not-supported-open-to-malware-uninstall-now/

Classification

Type BYPASS

Miscellaneous

Views 4695
Verified No
WPVDB ID 9885

Timeline

Publicly Published 2019-09-24 (3 months ago)
Added 2019-09-24 (2 months ago)
Last Updated 2019-11-28 (10 days ago)

Our Other Services

Online WordPress Vulnerability Scanner WPScan WordPress Security Plugin