Lucene search
K

20 matches found

NVD
NVD
added 2025/10/29 10:15 a.m.9 views

CVE-2015-10147

The Easy Testimonial Slider and Form plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

4.9CVSS0.0027EPSS
Exploits0References2
CVE
CVE
added 2025/10/29 9:27 a.m.16 views

CVE-2015-10147

CVE-2015-10147 summary (NORMAL) The Easy Testimonial Slider and Form WordPress plugin is vulnerable to SQL Injection via the id parameter in all versions up to and including 1.0.2 due to insufficient escaping and improper query preparation. This allows authenticated attackers with Administrator-l...

4.9CVSS6.2AI score0.0027EPSS
Exploits0References2Affected Software1
EUVD
EUVD
added 2025/10/29 9:27 a.m.8 views

EUVD-2015-9405

The Easy Testimonial Slider and Form plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

4.9CVSS6.1AI score0.0027EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/10/29 6:14 a.m.8 views

WordPress Easy Testimonial Slider and Form plugin <= 1.0.2 - Authenticated (Admin+) SQL injection vulnerability

Authenticated Admin+ SQL injection vulnerability discovered by Ala Arfaoui in WordPress Plugin Easy Testimonial Slider and Form versions = 1.0.2...

4.9CVSS7.9AI score0.0027EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/10/29 12:0 a.m.6 views

PT-2025-44271

Name of the Vulnerable Software and Affected Versions Easy Testimonial Slider and Form versions up to and including 1.0.2 Description The Easy Testimonial Slider and Form plugin for WordPress is susceptible to SQL Injection via the id parameter. This is due to inadequate input sanitization and...

4.9CVSS6.8AI score0.0027EPSS
Exploits0References5
CNNVD
CNNVD
added 2025/10/29 12:0 a.m.11 views

WordPress plugin Easy Testimonial Slider and Form SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plug-in. A SQL injection...

4.9CVSS7.6AI score0.0027EPSS
Exploits0References3
EUVD
EUVD
added 2025/10/03 8:7 p.m.6 views

EUVD-2023-50043

Malicious code in bioql PyPI...

5.9CVSS6.4AI score0.00418EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/03 8:7 p.m.7 views

EUVD-2022-49581

Malicious code in bioql PyPI...

7.1CVSS6.9AI score0.00382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:19 a.m.9 views

CVE-2023-45754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form allows Stored XSS.This issue affects Easy Testimonial Slider and Form: from n/a through 1.0.18...

5.9CVSS6.5AI score0.00418EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/02/05 9:1 p.m.12 views

CVE-2022-46799

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin = 1.0.15 versions...

7.1CVSS5.8AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2023/10/25 6:17 p.m.6 views

CVE-2023-45754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form allows Stored XSS.This issue affects Easy Testimonial Slider and Form: from n/a through 1.0.18...

4.8CVSS7.3AI score0.00418EPSS
Exploits0References1
NVD
NVD
added 2023/10/25 6:17 p.m.16 views

CVE-2023-45754

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form allows Stored XSS.This issue affects Easy Testimonial Slider and Form: from n/a through 1.0.18...

5.9CVSS5.7AI score0.00418EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/25 12:0 a.m.4 views

WordPress Plugin Easy Testimonial Slider and Form Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

5.9CVSS5.9AI score0.00418EPSS
Exploits0References2
CVE
CVE
added 2023/10/24 11:31 a.m.61 views

CVE-2023-45754

CVE-2023-45754 : A stored Cross-Site Scripting (XSS) flaw in the WordPress plugin “Easy Testimonial Slider and Form” (versions ≤ 1.0.18). The root cause is improper input neutralization during web page generation, enabling an attacker (with administrator privileges per PatchStack/Wordfence contex...

5.9CVSS6.5AI score0.00418EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/24 12:0 a.m.4 views

PT-2023-29670 · WordPress · Easy Testimonial Slider/Form

Name of the Vulnerable Software and Affected Versions: Easy Testimonial Slider and Form versions 1.0.18 and earlier Description: The issue is related to improper neutralization of input during web page generation, which allows for stored cross-site scripting XSS. This means that an attacker can...

5.9CVSS5.7AI score0.00418EPSS
Exploits0References5
NVD
NVD
added 2023/05/08 12:15 p.m.23 views

CVE-2022-46799

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin = 1.0.15 versions...

7.1CVSS6.3AI score0.00382EPSS
Exploits0References1
OSV
OSV
added 2023/05/08 12:15 p.m.2 views

CVE-2022-46799

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin = 1.0.15 versions...

6.1CVSS5.8AI score0.00382EPSS
Exploits0References1
Prion
Prion
added 2023/05/08 12:15 p.m.19 views

Cross site scripting

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin = 1.0.15 versions...

5.8CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2023/05/08 11:44 a.m.45 views

CVE-2022-46799

The CVE-2022-46799 entry describes an unauthenticated Reflected Cross-Site Scripting (XSS) in the WordPress plugin Easy Testimonial Slider and Form, versions up to 1.0.15. The root cause is improper input handling (lack of proper sanitization/escaping) when outputting a parameter back to the page...

7.1CVSS6AI score0.00382EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2023/03/02 12:0 a.m.13 views

WordPress Easy Testimonial Slider and Form Plugin <= 1.0.15 is vulnerable to Cross Site Scripting (XSS)

Software Easy Testimonial Slider and Form Type Plugin Vulnerable versions = 1.0.15 Fixed in 1.0.16 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2022-46799 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 929579106c87 Credit...

7.1CVSS5.9AI score0.00382EPSS
Exploits0References2Affected Software1
Rows per page
Query Builder