For some reason, escaped data are stored in the database. In the admin backend (wp-content/plugins/wp-customer-reviews/wp-customer-reviews-admin.php), stripslashes() on some fields is used & data are shown ok. But nothing is unescaped in the frontend. So, to fix the issue, add the following code to wp-content/plugins/wp-customer-reviews/wp-customer-reviews.php after line foreach ($reviews as $review) {:
$review->review_title = stripslashes($review->review_title);
$review->review_text = stripslashes($review->review_text);
$review->review_response = stripslashes($review->review_response);
$review->reviewer_name = stripslashes($review->reviewer_name);
