CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

The Tribute Testimonials – WordPress Testimonial Grid/Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tributetestimonialsslider' shortcode in all versions up to, and including, 1.0.4 due to insufficient input sanitization and output escaping on user...

6.4CVSS5AI score0.00109EPSS

Exploits0References1

RedhatCVE•added 2025/04/02 1:43 p.m.•8 views

CVE-2025-31587

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Stored XSS.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.9CVSS7.2AI score0.00148EPSS

Exploits0References1

RedhatCVE•added 2025/04/02 1:43 p.m.•10 views

CVE-2025-31584

Missing Authorization vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS7.2AI score0.00144EPSS

Exploits0References1

RedhatCVE•added 2025/04/02 1:37 p.m.•4 views

CVE-2025-31588

Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider elfsight-testimonials-slider allows Cross Site Request Forgery.This issue affects Elfsight Testimonials Slider: from n/a through = 1.0.1...

5.4CVSS7.2AI score0.00177EPSS

Exploits0References1

Patchstack•added 2025/03/31 2:4 p.m.•2 views

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross Site Request Forgery CSRF to Settings Change vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

5.4CVSS6.9AI score0.00177EPSS

Exploits0Affected Software1

Patchstack•added 2025/03/31 2:4 p.m.•2 views

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

5.9CVSS6.1AI score0.00148EPSS

Exploits0Affected Software1

Patchstack•added 2025/03/31 2:3 p.m.•2 views

WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability

Broken Access Control vulnerability discovered by Pham Van Tam in WordPress Plugin Elfsight Testimonials Slider versions = 1.0.1...

5.4CVSS7AI score0.00144EPSS

Exploits0Affected Software1

NVD•added 2025/03/31 1:15 p.m.•4 views

CVE-2025-31587

5.9CVSS0.00148EPSS

Exploits0References1

NVD•added 2025/03/31 1:15 p.m.•3 views

CVE-2025-31588

5.4CVSS0.00177EPSS

Exploits0References1

NVD•added 2025/03/31 1:15 p.m.•4 views

CVE-2025-31584

5.4CVSS0.00144EPSS

Exploits0References1

Cvelist•added 2025/03/31 12:55 p.m.•16 views

CVE-2025-31588 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

5.4CVSS0.00177EPSS

Exploits0References1

CVE•added 2025/03/31 12:55 p.m.•47 views

CVE-2025-31588

CVE-2025-31588 is a CSRF vulnerability in the WordPress plugin Elfsight Testimonials Slider (elfsight-testimonials-slider) affecting versions up to 1.0.1. The CVE entry notes Cross Site Request Forgery that can change settings, with CVSS 3.1 base score 5.4 (Medium). The patch status/fix is not pr...

5.4CVSS7.2AI score0.00177EPSS

Exploits0References1

Vulnrichment•added 2025/03/31 12:55 p.m.•3 views

CVE-2025-31588 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Request Forgery (CSRF) to Settings Change vulnerability

Cross-Site Request Forgery CSRF vulnerability in elfsight Elfsight Testimonials Slider allows Cross Site Request Forgery. This issue affects Elfsight Testimonials Slider: from n/a through 1.0.1...

5.4CVSS6.9AI score0.00177EPSS

Exploits0References1

Vulnrichment•added 2025/03/31 12:55 p.m.•6 views

CVE-2025-31587 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

5.9CVSS7.2AI score0.00148EPSS

Exploits0References1

Cvelist•added 2025/03/31 12:55 p.m.•13 views

CVE-2025-31587 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Cross Site Scripting (XSS) vulnerability

5.9CVSS0.00148EPSS

Exploits0References1

CVE•added 2025/03/31 12:55 p.m.•52 views

CVE-2025-31587

Technical details (affected versions, root cause, impact, remediation) for CVE-2025-31587 are not provided in the supplied documents beyond the initial description. Please monitor for updates from official advisories.

5.9CVSS7.2AI score0.00148EPSS

Exploits0References1

Cvelist•added 2025/03/31 12:55 p.m.•16 views

CVE-2025-31584 WordPress Elfsight Testimonials Slider plugin <= 1.0.1 - Broken Access Control vulnerability

5.4CVSS0.00144EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by