CVE-2023-1372

creationtimestamp| type| source ---|---|--- 2023-03-13 15:53:14+00:00| seen| https://t.me/cibsecurity/59880...

CVE-2023-1372

The WH Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters such as whhomepage, whtextshort, whtextfull and in versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

CVE-2023-1372 WH Testimonials <= 3.0.0 - Unauthenticated Stored Cross-Site Scripting

The WH Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters such as whhomepage, whtextshort, whtextfull and in versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

CVE-2023-1372 WH Testimonials <= 3.0.0 - Unauthenticated Stored Cross-Site Scripting

The WH Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via several parameters such as whhomepage, whtextshort, whtextfull and in versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticat...

CVE-2023-1372

CVE-2023-1372 affects the WH Testimonials WordPress plugin. The vulnerability is Stored Cross-Site Scripting in multiple parameters (e.g., wh_homepage, wh_text_short, wh_text_full) in versions up to and including 3.0.0, caused by insufficient input sanitization and output escaping. Unauthenticate...

WordPress WH Testimonials Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS)

Software WH Testimonials Type Plugin Vulnerable versions = 3.0.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-1372 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID 83cf629d552b Credits Daniel Kelley Required...