Rich Reviews plugin for WordPress vulnerability actively abused

The Rich Reviews plugin was removed from the directory on March 11, 2019. This was done due to a security issue.

It appears that there is still active abuse of the XSS vulnerability found in the plugin. Wordfence estimates that the plugin has around 16,000 active installations. These websites are all vulnerable. Users are therefore urgently advised to remove the plugin as quickly as possible.


Problems with the Rich Reviews plugin

Two weeks ago a user of the Rich Reviews plugin reported that 3 of the 4 websites that used the plugin were infected with redirect scripts. Removing the plugin corrected the problem, she reported. Nuanced Media, the author of the plugin, responded to her post that they were working on a new version:

“We’ve been working on an overall rewrite of the plugin for a while, but apparently someone wanted us to work faster and decided to misuse our plugin to bring out malware. We are now going to speed it up and hope to have the plugin (updated and safe) online within the next two weeks.”

No patch available

Strangely enough, there seemed to be no rush to patch the vulnerability that is currently being exploited. Less than a week after users were assured that a new version was coming, Nuanced Media announced that it would immediately stop active support and development of Rich Reviews.

Nuanced Media CEO Ryan Flannagan cited recent changes to Google’s business review guidelines as the reason: “Google has decided to remove all sellers’ reviews that companies display on their own URL from the organic search results. Based on this information, we have stopped all active developments and support from Rich Reviews. We apologize for the inconvenience.”

Nothing was said about the vulnerability in the Rich Reviews plugin or its recent exploitation. Users must therefore assume that a patch will no longer appear. Those who still use Rich Reviews are best advised to deactivate and remove the plugin.
