Missing Authorization Vulnerability in Repuso Social Proof Testimonials and Reviews Plugin
CVE-2025-62071

4.3MEDIUM

Key Information:

Vendor: WordPress
Status: Social Proof Testimonials And Reviews By Repuso
Vendor: CVE Published:; 22 October 2025

What is CVE-2025-62071?

A missing authorization vulnerability exists in the Social Proof Testimonials and Reviews plugin by Repuso, impacting versions up to 5.29. This allows unauthorized users to access sensitive functionality, potentially leading to exposure of critical information and manipulation of testimonial displays on WordPress sites. It is crucial for site administrators to update the plugin promptly to mitigate the risks associated with this vulnerability.

Affected Version(s)

Social proof testimonials and reviews by Repuso <= n/a

References

https://vdp.patchstack.com/database/Wordpress/Plugin/soci...

vdb-entry

CVSS V3.1

Score:

4.3

Severity:

MEDIUM

Confidentiality:

Low

Integrity:

None

Availability:

Low

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 22, 2025
Vulnerability Reserved
Oct 7, 2025

Credit

Nabil Irawan (Patchstack Alliance)

JSON