Lucene search
China National Vulnerability DatabaseCNVD-2022-66594HistoryMar 02, 2022 - 12:00 a.m.
WordPress Testimonial Plugin Cross-Site Scripting Vulnerability
2022-03-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
11
wordpress
testimonial plugin
cross-site scripting
vulnerability
php
javascript
cnvd
EPSS
0.001
Percentile
30.0%
WordPress is a set of blogging platforms developed by the Wordpress Foundation using the PHP language. A cross-site scripting vulnerability exists in versions of the WordPress Testimonial Plugin prior to 1.4.7. The vulnerability stems from the failure of the Testimonial plugin to clean and escape the id parameter before outputting it back to the property, which could be exploited by an attacker to Execute JavaScript code.
Related
wpexploit
wpexploit
AP Custom Testimonial < 1.4.8 - Reflected Cross-Site Scripting
2022-01-25 00:00:00
cve
cve
CVE-2022-23912
2022-02-28 09:15:09
wpvulndb
wpvulndb
AP Custom Testimonial < 1.4.8 - Reflected Cross-Site Scripting
2022-01-25 00:00:00
patchstack
patchstack
prion
prion
Cross site scripting
2022-02-28 09:15:00
cvelist
cvelist
nvd
nvd
CVE-2022-23912
2022-02-28 09:15:09