Headline
CVE-2021-36861: Rich Reviews by Starfish
Cross-Site Request Forgery (CSRF) vulnerability in Rich Reviews by Starfish plugin <= 1.9.14 at WordPress allows an attacker to delete reviews.
- Details
- Reviews
- Support
- Development
This plugin has been closed as of August 2, 2022 and is not available for download. This closure is temporary, pending a full review.
Very bad plugin. Google doesn’t show the snippets. When I ask this to the support, they said that I need to wait more. But I’ve already waited more than 1 year! And still no Google snippets. Go with much more a better plugin.
After a week and no respons i deactivated the plugin. I, and support of Starfish, was not able to activate the license. I need to go on. I have a waiting customer.
This guys will help you everytime! Thanks for such simple and effective tool. Regards, Alex
The plugin code contains a bunch of errors. For example, you will never see a warning if you have not rated a review, even if the rating field in the settings is required. Very bad localization. Many text strings in the plugin are not translated at all, as they are hardcoded. Finally, reviews are sent multiple times. Several duplicate records appear in the database and the same number of notifications are sent to e-mail. So, I does NOT recommend this plugin at all!
Плагин не умеет в локализацию.
doesn’t have product as an option… definitely don’t recommend for google snippet.
Read all 115 reviews
“Rich Reviews by Starfish” is open source software. The following people have contributed to this plugin.
Contributors