EUVD-2024-40615

Malicious code in bioql PyPI...

EUVD-2024-40616

Malicious code in bioql PyPI...

EUVD-2024-31759

Malicious code in bioql PyPI...

CVE-2024-3162

The Jeg Elementor Kit plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget Attributes in all versions up to, and including, 2.6.3 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with contributo...

CVE-2024-1999

The Gutenberg Blocks by Kadence Blocks – Page Builder Features plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Testimonial Widget's anchor style parameter in all versions up to, and including, 3.2.25 due to insufficient input sanitization and output escaping. This makes ...

CVE-2024-7390

The WP Testimonial Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnSaveTestimonailOrder function in all versions up to, and including, 3.1. This makes it possible for unauthenticated attackers to change the order of...

CVE-2024-43967

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43966

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43967

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43967

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43966

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43966

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43967 WordPress WP Testimonial Widget plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43967 WordPress WP Testimonial Widget plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1...

CVE-2024-43967

CVE-2024-43967 concerns the WP Testimonial Widget. The vulnerability is a stored XSS caused by improper neutralization of input during web page generation, affecting WP Testimonial Widget versions from n/a up to and including 3.1. The exploit requires an authenticated Administrator+ permission. N...

WordPress WP Testimonial Widget plugin <= 3.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by hnwmn Patchstack Alliance in WordPress Plugin WP Testimonial Widget versions = 3.1...

CVE-2024-43966

CVE-2024-43966 : Vulnerability in WP Testimonial Widget (WordPress plugin) with an SQL injection caused by improper neutralization. Affected: WP Testimonial Widget from n/a to 3.1. Exposure requires authenticated access (Admin+) and currently shows as unpatched; no exploits details provided in th...

WordPress WP Testimonial Widget plugin <= 3.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by hnwmn Patchstack Alliance in WordPress Plugin WP Testimonial Widget versions = 3.1...

WordPress plugin WP Testimonial Widget SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A SQL injection...

WordPress WP Testimonial Widget Plugin <= 3.1 is vulnerable to Cross Site Scripting (XSS)

Software WP Testimonial Widget Type Plugin Vulnerable versions = 3.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-43967 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 886cd3de89e3 Credits hnwmn Required privilege Administrat...