Rustaurius Ultimate Reviews
3 CVEs affecting Rustaurius Ultimate Reviews. Latest disclosed: 2026-01-23. Critical: 1, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-36726 | Critical | 9.8 | 2023-06-07 | The Ultimate Reviews plugin for WordPress is vulnerable to PHP Object Injection in versions up to, and including, 2.1.32 via deserialization of untrusted input… |
CVE-2025-49266 | High | 7.1 | 2025-06-17 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Refle… |
CVE-2026-24634 | Medium | 5.3 | 2026-01-23 | Authorization Bypass Through User-Controlled Key vulnerability in Rustaurius Ultimate Reviews ultimate-reviews allows Exploiting Incorrectly Configured Access… |