Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
testimonials project testimonials vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2022-33191
Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul's Testimonials plugin <= 3.0.1 at WordPress.
Testimonials Project Testimonials
6.1
CVSSv3
CVE-2022-45817
Cross-Site Scripting (XSS) vulnerability in Erin Garscadden GC Testimonials plugin <= 1.3.2 versions.
Gc Testimonials Project Gc Testimonials
8.8
CVSSv3
CVE-2021-24492
The hndtst_action_instance_callback AJAX call of the Handsome Testimonials & Reviews WordPress plugin prior to 2.1.1, available to any authenticated users, does not sanitise, validate or escape the hndtst_previewShortcodeInstanceId POST parameter before using it in a SQL stat...
Handsome Testimonials \\& Reviews Project Handsome Testimonials \\& Reviews
5.4
CVSSv3
CVE-2022-4750
The WP Responsive Testimonials Slider And Widget WordPress plugin up to and including 1.5 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and a...
Wp Responsive Testimonials Slider And Widget Project Wp Responsive Testimonials Slider And Widget
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-35229
privilege escalation
local users
CVE-2024-5405
CVE-2024-27842
CVE-2024-5274
CVE-2024-5378
CVE-2024-34152
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started