CVE-2025-14379 Testimonials Creator 1.6 - Authenticated (Admin+) Stored Cross-Site Scripting
The Testimonials Creator plugin for WordPress is vulnerable to Stored Cross-Site Scripting via admin settings in version 1.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with administrator-level permissions and above, to inject...