CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

233 matches found

EUVD•added 2026/05/10 3:31 p.m.•11 views

EUVD-2022-55972

WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the posttitle parameter. Attackers with editor privileges can inject JavaScript payloads through the...

6.4CVSS5.7AI score0.00034EPSS

Exploits0References5

NVD•added 2026/05/10 1:16 p.m.•5 views

CVE-2022-50947

6.4CVSS0.00034EPSS

Exploits0References4

CVE•added 2026/05/10 12:12 p.m.•16 views

CVE-2022-50947

The CVE-2022-50947 entry concerns WordPress Plugin Testimonial Slider and Showcase version 2.2.6. A stored XSS vulnerability exists in the post_title field due to insufficient sanitization, exploitable by authenticated editors with low privileges. Attackers with editor rights can inject JavaScrip...

6.4CVSS5.7AI score0.00034EPSS

Exploits0References4

Vulnrichment•added 2026/05/10 12:12 p.m.•3 views

CVE-2022-50947 WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS

6.4CVSS5.7AI score0.00034EPSS

Exploits0References4

Cvelist•added 2026/05/10 12:12 p.m.•28 views

CVE-2022-50947 WordPress Plugin Testimonial Slider and Showcase 2.2.6 Stored XSS

6.4CVSS0.00034EPSS

Exploits0References4

ATTACKERKB•added 2026/05/10 12:12 p.m.•3 views

CVE-2022-50947

6.4CVSS5.7AI score0.00034EPSS

Exploits0References4Affected Software1

CNNVD•added 2026/05/10 12:0 a.m.•5 views

WordPress plugin Testimonial Slider and Showcase 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

6.4CVSS5.8AI score0.00034EPSS

Exploits0References1

Positive Technologies•added 2026/05/10 12:0 a.m.•11 views

PT-2026-39476

WordPress Plugin Testimonial Slider and Showcase 2.2.6 contains a stored cross-site scripting vulnerability that allows authenticated editors to inject malicious scripts by failing to sanitize the post title parameter. Attackers with editor privileges can inject JavaScript payloads through the...

6.4CVSS5.7AI score0.00034EPSS

Exploits0References5

Patchstack•added 2026/05/01 9:16 a.m.•4 views

WordPress Solid Testimonials – Testimonial Slider, Video Testimonials & Customer Reviews plugin <= 3.2.8 - Unauthenticated Reflected Cross-Site Scripting vulnerability

Unauthenticated Reflected Cross-Site Scripting vulnerability discovered by Asaf Mozes in WordPress Plugin GS Testimonial Slider versions = 3.2.8...

6.1CVSS5.8AI score0.00135EPSS

Exploits0References1Affected Software1

Patchstack•added 2026/04/14 11:37 a.m.•2 views

WordPress Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget plugin <= 3.5.6 - Backdoor vulnerability

Backdoor vulnerability discovered by ? in WordPress Plugin Testimonial Grid and Testimonial Slider plus Carousel with Rotator Widget versions = 3.5.6...

5.8AI score

Exploits0References1Affected Software1

RedhatCVE•added 2026/02/21 7:30 p.m.•2 views

CVE-2025-68000

Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through = 2.0.15...

6.5CVSS5.5AI score0.00015EPSS

Exploits0References1

NVD•added 2026/02/20 4:22 p.m.•3 views

CVE-2025-68000

6.5CVSS0.00015EPSS

Exploits0References1

Vulnrichment•added 2026/02/20 3:46 p.m.•2 views

CVE-2025-68000 WordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerability

6.5CVSS5.3AI score0.00015EPSS

Exploits0References1

CVE•added 2026/02/20 3:46 p.m.•9 views

CVE-2025-68000

CVE-2025-68000 is a Missing Authorization (Broken Access Control) vulnerability in PickPlugins Testimonial Slider for WordPress, affecting version(s) up to 2.0.15. Public sources (NVD/Red Hat/CVE) confirm the issue and version range. PT-Security recommends upgrading to a version later than 2.0.15...

6.5CVSS5.5AI score0.00015EPSS

Exploits0References1

Cvelist•added 2026/02/20 3:46 p.m.•20 views

CVE-2025-68000 WordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerability

6.5CVSS0.00015EPSS

Exploits0References1

RedhatCVE•added 2026/02/20 1:25 p.m.•5 views

CVE-2026-2716

The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'Testimonial Heading' setting in all versions up to, and including, 2.0. This is due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers,...

4.4CVSS5.7AI score0.00039EPSS

Exploits0References1

Positive Technologies•added 2026/02/20 12:0 a.m.•4 views

PT-2026-21067

Name of the Vulnerable Software and Affected Versions PickPlugins Testimonial Slider versions through 2.0.15 Description A missing authorization issue exists in PickPlugins Testimonial Slider. The issue involves exploiting incorrectly configured access control security levels within the testimoni...

5.4AI score0.00015EPSS

Exploits0References3

CNNVD•added 2026/02/20 12:0 a.m.•5 views

WordPress plugin Testimonial Slider 安全漏洞

6.5CVSS5.8AI score0.00015EPSS

Exploits0References1

NVD•added 2026/02/19 10:16 a.m.•2 views

CVE-2026-2716

4.4CVSS0.00039EPSS

Exploits0References3

Cvelist•added 2026/02/19 9:26 a.m.•27 views

CVE-2026-2716 Client Testimonial Slider <= 2.0 - Authenticated (Administrator+) Stored Cross-Site Scripting via 'Testimonial Heading' Setting