4 matches found
CVE-2024-13460
The WE – Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Testimonial Author Names in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-13460 WE – Testimonial Slider <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WE – Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Testimonial Author Names in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-13460 WE – Testimonial Slider <= 1.5 - Authenticated (Contributor+) Stored Cross-Site Scripting
The WE – Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via Testimonial Author Names in all versions up to, and including, 1.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
CVE-2024-13460
CVE-2024-13460 — WE – Testimonial Slider (WordPress) is an authenticated Stored Cross-Site Scripting vulnerability affecting the WE – Testimonial Slider plugin for WordPress in versions up to 1.5. The issue arises from insufficient input sanitization and output escaping in the Testimonial Author ...