5 matches found
CVE-2021-24136
Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters: - Author - Job Title - Location ...
CVE-2021-24136
creationtimestamp| type| source ---|---|--- 2021-03-18 17:32:21+00:00| seen| https://t.me/cibsecurity/25103...
CVE-2021-24136
Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters: - Author - Job Title - Location ...
CVE-2021-24136
The CVE-2021-24136 entry concerns the WordPress plugin Testimonials Widget. Multiple connected sources confirm that versions before 4.0.0 suffer from unvalidated input and lack of output encoding, enabling Cross-Site Scripting (XSS) via fields in Testimonial Data: Author, Job Title, Location, Com...
CVE-2021-24136 Testimonials Widget < 4.0.0 - Multiple Authenticated Stored XSS
Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters: - Author - Job Title - Location ...