Lucene search
K

4 matches found

Cvelist
Cvelist
added 2024/04/24 5:0 a.m.25 views

CVE-2024-3261 Strong Testimonials < 3.1.12 - Contributor+ Stored XSS

The Strong Testimonials WordPress plugin before 3.1.12 does not validate and escape some of its Testimonial fields before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The attack requires a specific...

5.8AI score0.00399EPSS
Exploits2References1
Vulnrichment
Vulnrichment
added 2024/04/24 5:0 a.m.14 views

CVE-2024-3261 Strong Testimonials < 3.1.12 - Contributor+ Stored XSS

The Strong Testimonials WordPress plugin before 3.1.12 does not validate and escape some of its Testimonial fields before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The attack requires a specific...

5.6AI score0.00399EPSS
Exploits2References1
CVE
CVE
added 2024/04/24 5:0 a.m.77 views

CVE-2024-3261

The CVE-2024-3261 entry concerns the WordPress plugin Strong Testimonials (prior to 3.1.12). It states that certain Testimonial fields are not validated/escaped before being output on pages, enabling Stored XSS for users with contributor role or higher when a specific view is accessed. Affected a...

4.8CVSS8AI score0.00399EPSS
Exploits2References1Affected Software1
Patchstack
Patchstack
added 2024/04/24 12:0 a.m.7 views

WordPress Strong Testimonials Plugin < 3.1.12 is vulnerable to Cross Site Scripting (XSS)

Software Strong Testimonials Type Plugin Vulnerable versions 3.1.12 Fixed in 3.1.12 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3261 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4383da9e6ea2 Credits Dmitrii Ignatyev...

4.8CVSS5.7AI score0.00399EPSS
Exploits2References4Affected Software1
Rows per page
Query Builder