CVE-2022-4717

creationtimestamp| type| source ---|---|--- 2025-03-25 21:25:30+00:00| published-proof-of-concept| https://t.me/DarkWebInformerCVEAlerts/8781...

WordPress Strong Testmionials Plugin < 3.0.3 XSS Vulnerability

The WordPress plugin SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:machothemes:strongtestimonials"; if description...

CVE-2022-4717

The CVE-2022-4717 entry concerns the WordPress plugin Strong Testimonials prior to version 3.0.3. The vulnerability stems from not validating/escaping certain shortcode attributes, enabling Stored XSS that could be exploited by a user with Contributor privileges to impact high-privilege users (e....

CVE-2022-4717 Strong Testimonials < 3.0.3 - Contributor+ Stored XSS via Shortcode

The Strong Testimonials WordPress plugin before 3.0.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high...

WordPress Strong Testimonials Plugin < 3.0.3 is vulnerable to Cross Site Scripting (XSS)

Software Strong Testimonials Type Plugin Vulnerable versions 3.0.3 Fixed in 3.0.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-4717 Patch priority Medium CVSS severity Medium 6.3 Developer Claim ownership PSID fb189a8a235c Credits Lana Codes...