Report
The WP Customer Reviews WordPress plugin before 3.5.6 did not sanitise some of its settings, allowing high privilege users such as administrators to set XSS payloads in them which will then be triggered in pages where reviews are enabled
Score:5.4
Severity:Medium
Version: 3.5.5
There is a patch available in v3.5.6 and we strongly recommend you update to this version as soon as possible.
