PT-2025-2182 · WordPress · Testimonial Slider

Name of the Vulnerable Software and Affected Versions: WE – Testimonial Slider plugin for WordPress versions 1.5 and earlier Description: The issue is related to Stored Cross-Site Scripting via Testimonial Author Names due to insufficient input sanitization and output escaping. This allows...

PT-2024-14994 · WordPress · The Meta Box – Wordpress Custom Fields Framework

Name of the Vulnerable Software and Affected Versions: The Meta Box – WordPress Custom Fields Framework plugin versions up to, and including, 5.9.2 Description: The issue is related to Stored Cross-Site Scripting via custom post meta values displayed through the plugin's shortcode due to...