CVE-2024-13704
- EPSS 0.52%
- Veröffentlicht 18.02.2025 08:15:09
- Zuletzt bearbeitet 07.01.2026 20:24:34
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'st_user_title' parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible ...
CVE-2023-5613
- EPSS 0.09%
- Veröffentlicht 20.10.2023 05:15:08
- Zuletzt bearbeitet 07.01.2026 20:24:15
The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpsscode' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attri...
CVE-2022-3539
- EPSS 0.23%
- Veröffentlicht 14.11.2022 15:15:50
- Zuletzt bearbeitet 07.01.2026 20:25:02
The Testimonials WordPress plugin before 2.7, super-testimonial-pro WordPress plugin before 1.0.8 do not sanitize and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_ht...
CVE-2021-36858
- EPSS 0.21%
- Veröffentlicht 28.10.2022 16:15:13
- Zuletzt bearbeitet 07.01.2026 19:38:51
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themepoints Testimonials plugin <= 2.6 on WordPress.