CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

17 matches found

RedhatCVE•added 2025/12/17 10:3 a.m.•2 views

CVE-2025-67912

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Premio Stars Testimonials stars-testimonials-with-slider-and-masonry-grid allows Stored XSS.This issue affects Stars Testimonials: from n/a through = 3.3.4...

6.5CVSS5.9AI score0.00029EPSS

Exploits0References1

EUVD•added 2025/12/16 9:31 a.m.•1 views

EUVD-2025-203567

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gal Dubinski Stars Testimonials stars-testimonials-with-slider-and-masonry-grid allows Stored XSS.This issue affects Stars Testimonials: from n/a through = 3.3.4...

6.5CVSS5.5AI score0.00029EPSS

Exploits0References2

NVD•added 2025/12/16 9:15 a.m.•0 views

CVE-2025-67912

6.5CVSS0.00029EPSS

Exploits0References1

Cvelist•added 2025/12/16 8:12 a.m.•29 views

CVE-2025-67912 WordPress Stars Testimonials plugin <= 3.3.4 - Cross Site Scripting (XSS) vulnerability

6.5CVSS0.00029EPSS

Exploits0References1

Vulnrichment•added 2025/12/16 8:12 a.m.•1 views

CVE-2025-67912 WordPress Stars Testimonials plugin <= 3.3.4 - Cross Site Scripting (XSS) vulnerability

6.5CVSS5.9AI score0.00029EPSS

Exploits0References1

CVE•added 2025/12/16 8:12 a.m.•3 views

CVE-2025-67912

CVE-2025-67912 is a stored XSS vulnerability in the WordPress plugin Stars Testimonials — Responsive Reviews & Star Ratings (slider and masonry grid) affecting versions up to and including 3.3.4 . The issue arises from improper input handling during web page generation, enabling attacker-supplied...

6.5CVSS5.9AI score0.00029EPSS

Exploits0References1

Positive Technologies•added 2025/12/16 12:0 a.m.•2 views

PT-2025-51431

Name of the Vulnerable Software and Affected Versions Gal Dubinski Stars Testimonials versions through 3.3.4 Description The software contains a flaw related to improper input handling during web page generation, which allows for Stored Cross-site Scripting XSS. This means that malicious scripts...

6.5CVSS6AI score0.00029EPSS

Exploits0References5

CNNVD•added 2025/12/16 12:0 a.m.•1 views

WordPress plugin Stars Testimonials 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exis...

6.5CVSS5.6AI score0.00029EPSS

Exploits0References3

Patchstack•added 2025/11/10 1:34 a.m.•3 views

WordPress Stars Testimonials plugin <= 3.3.4 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Stars Testimonials versions = 3.3.4...

6.5CVSS6.1AI score0.00029EPSS

Exploits0Affected Software1

RedhatCVE•added 2025/05/23 10:37 a.m.•3 views

CVE-2024-8989

The Free Responsive Testimonials, Social Proof Reviews, and Customer Reviews – Stars Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's starstestimonials shortcode in all versions up to, and including, 3.3.1 due to insufficient input sanitization and...

6.4CVSS5.8AI score0.00255EPSS

Exploits0References1

CNNVD•added 2024/12/05 12:0 a.m.•1 views

WordPress plugin Stars Testimonials 安全漏洞

WordPress and WordPress plugin are products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in...

8.8CVSS7.8AI score0.00287EPSS

Exploits0References3

Patchstack•added 2024/12/04 10:9 p.m.•2 views

WordPress Stars Testimonials plugin <= 3.3.3 - Authenticated (Contributor+) Local File Inclusion vulnerability

Authenticated Contributor+ Local File Inclusion vulnerability discovered by Peter Thaleikis in WordPress Plugin Stars Testimonials versions = 3.3.3...

8.8CVSS7AI score0.00287EPSS

Exploits0References1Affected Software1

Vulnrichment•added 2024/10/01 7:30 a.m.•7 views

CVE-2024-8989 Stars Testimonials <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via stars_testimonials Shortcode

6.4CVSS5.8AI score0.00255EPSS

Exploits0References5

Patchstack•added 2024/10/01 3:16 a.m.•2 views

WordPress Stars Testimonials plugin <= 3.3.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via stars_testimonials Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via starstestimonials Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Stars Testimonials versions = 3.3.1...

6.4CVSS5.8AI score0.00255EPSS

Exploits0References1Affected Software1

CNNVD•added 2024/10/01 12:0 a.m.•2 views

WordPress plugin Stars Testimonials 安全漏洞

6.4CVSS5.7AI score0.00255EPSS

Exploits0References5

Patchstack•added 2024/10/01 12:0 a.m.•8 views

WordPress Stars Testimonials Plugin <= 3.3.1 is vulnerable to Cross Site Scripting (XSS)

Software Stars Testimonials Type Plugin Vulnerable versions = 3.3.1 Fixed in 3.3.2 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8989 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID b53073d7e5ac Credits Peter Thaleikis...

6.4CVSS5.8AI score0.00255EPSS

Exploits0References3Affected Software1

Positive Technologies•added 2024/10/01 12:0 a.m.•2 views

PT-2024-39354 · WordPress · Stars Testimonials

Name of the Vulnerable Software and Affected Versions: Stars Testimonials plugin for WordPress versions up to, and including, 3.3.1 Description: The issue is related to Stored Cross-Site Scripting in the Stars Testimonials plugin for WordPress. This is due to insufficient input sanitization and...

6.4CVSS6.3AI score0.00255EPSS

Exploits0References9

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by