CVE-2022-50947
- EPSS 0.2%
- Veröffentlicht 10.05.2026 13:16:32
- Zuletzt bearbeitet 12.05.2026 14:24:15
WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the post_title parameter. Attackers with editor privilege...
CVE-2024-1746
- EPSS 0.44%
- Veröffentlicht 15.04.2024 05:15:14
- Zuletzt bearbeitet 08.05.2025 16:52:02
The Testimonial Slider WordPress plugin before 2.3.8 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is di...
CVE-2024-1745
- EPSS 0.38%
- Veröffentlicht 26.03.2024 05:15:49
- Zuletzt bearbeitet 07.05.2025 01:27:57
The Testimonial Slider WordPress plugin before 2.3.7 does not properly ensure that a user has the necessary capabilities to edit certain sensitive Testimonial Slider WordPress plugin before 2.3.7 settings, making it possible for users with at least t...