Lucene search
K

4 matches found

NVD
NVD
added 2026/01/09 12:15 p.m.8 views

CVE-2025-13897

The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'afttestimonialmetaname' custom field in the Client Information metabox in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user-supplied...

6.4CVSS0.00232EPSS
Exploits0References3
Cvelist
Cvelist
added 2026/01/09 11:15 a.m.30 views

CVE-2025-13897 Client Testimonial Slider <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aft_testimonial_meta_name' Metabox Field

The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'afttestimonialmetaname' custom field in the Client Information metabox in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user-supplied...

6.4CVSS0.00232EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/01/09 11:15 a.m.4 views

CVE-2025-13897 Client Testimonial Slider <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aft_testimonial_meta_name' Metabox Field

The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'afttestimonialmetaname' custom field in the Client Information metabox in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user-supplied...

6.4CVSS4.7AI score0.00232EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/09 12:0 a.m.5 views

WordPress plugin Client Testimonial Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed using the PHP language, which provides the ability to host a personal blog site on a PHP and MySQL based...

6.4CVSS5.5AI score0.00232EPSS
Exploits0References3
Rows per page
Query Builder