Browse all 9 CVE security advisories affecting ReviewX. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Reviewx is a code review platform designed to identify security vulnerabilities in software development pipelines. Historically, it has been associated with multiple remote code execution (RCE) vulnerabilities, cross-site scripting (XSS) flaws, and privilege escalation issues. The platform has recorded nine CVEs to date, with several critical RCE vulnerabilities allowing attackers to execute arbitrary code on affected systems. While no major public security incidents have been widely reported, the consistent pattern of vulnerabilities suggests potential risks in environments where Reviewx is deployed without additional security controls. Organizations implementing Reviewx should ensure regular updates and compensating controls to mitigate identified weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-43323 | WordPress ReviewX plugin <= 1.6.28 - Broken Access Control vulnerability — ReviewXCWE-862 | 5.3 | Medium | 2024-11-01 |
| CVE-2024-33921 | WordPress ReviewX plugin <= 1.6.21 - Broken Access Control vulnerability — ReviewX | 4.3 | Medium | 2024-05-03 |
| CVE-2024-29812 | WordPress ReviewX plugin <= 1.6.22 - Cross Site Scripting (XSS) vulnerability — ReviewXCWE-79 | 6.5 | Medium | 2024-03-27 |
This page lists every published CVE security advisory associated with ReviewX. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.