3 matches found
CVE-2025-13897
The Client Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'afttestimonialmetaname' custom field in the Client Information metabox in all versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user-supplied...
CVE-2025-13897
CVE-2025-13897 refers to a Stored XSS vulnerability in the WordPress plugin Client Testimonial Slider . The flaw exists in the aft_testimonial_meta_name field within the Client Information metabox, where input is not properly sanitized or output escaped across all versions up to 2.0. The conseque...
WordPress Client Testimonial Slider plugin <= 2.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'aft_testimonial_meta_name' Metabox Field vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via 'afttestimonialmetaname' Metabox Field vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Client Testimonial Slider versions = 2.0...