CVE-2026-28132

Publication date

2026-02-26 08:33:36

Family

Patchstack

State

PUBLISHED

Description

Improper Neutralization of Script-Related HTML Tags in a Web Page (Basic XSS) vulnerability in villatheme WooCommerce Photo Reviews woocommerce-photo-reviews allows Code Injection.This issue affects WooCommerce Photo Reviews: from n/a through <= 1.4.4.