Testimonials by BestWebSoft < 0.1.9 - Cross-Site Scripting

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues. id: CVE-2017-18558 info: name: Testimonials by BestWebSoft 0.1.9 - Cross-Site Scripting author: luisfelipe146 severity: medium description: | The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS...

CVE-2017-18558

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues...

EUVD-2017-9674

Malware in sbrugna...

CVE-2017-18558

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues...

Cross site scripting

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues...

CVE-2017-18558

The bws-testimonials plugin before 0.1.9 for WordPress has multiple XSS issues...

CVE-2017-18558

CVE-2017-18558 affects the WordPress plugin bws-testimonials, version before 0.1.9. The connected Nuclei/WPVuln/Red Hat et al. entries confirm multiple XSS flaws in this plugin, caused by inadequate input/output sanitization, enabling authenticated attackers to inject and execute arbitrary JavaSc...