High 8.8
2026-02-13< 3.1.20
Starfish Review Generation & Marketing for WordPress <= 3.1.19 - Authenticated (Subscriber+) Arbitrary Options Update via srm_restore_options_defaults
Starfish Review Generation & Marketing for WordPress
Minimum safe version
3.1.20
Update to 3.1.20 or later to address 9 fixable vulnerabilities
Latest available3.1.20 ✓
High 8.8
2025-04-17< 3.1.20
CVE-2025-39533
Medium 6.3
2024-10-16< 3.0.26
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
2023-07-18< 3.1.1
WordPress Starfish Review Generation & Marketing for WordPress Plugin < 3.1.1 is vulnerable to Cross Site Scripting (XSS)
N/A
2019-02-25< 2.0.1
Freemius SDK <= 2.2.3 - Missing Authorization to Arbitrary Options Update
N/A
2022-03-04< 3.0.26
Freemius SDK <= 2.4.2 - Missing Authorization Checks
N/A
< 2.0.1
Freemius Library < 2.2.4 - Subscriber+ Arbitrary Option Update
N/A
2022-02-28< 3.0.26
WordPress Starfish Review Generation & Marketing for WordPress plugin <= 3.0.25 - Sensitive Information Disclosure vulnerability
N/A
2022-02-28< 3.0.26
WordPress Starfish Review Generation & Marketing for WordPress plugin <= 3.0.25 - Toggle The Debug Mode via Cross-Site Request Forgery (CSRF) vulnerability