EUVD-2023-57906

Malicious code in bioql PyPI...

EUVD-2025-4817

Malicious code in bioql PyPI...

CVE-2023-5613

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpsscode' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...

CVE-2024-13704

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'stusertitle' parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

CVE-2024-13704

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'stusertitle' parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

CVE-2024-13704

CVE-2024-13704 relates to the WordPress plugin Super Testimonials (also listed in Wordfence). It is a stored cross-site scripting (XSS) vulnerability via the st_user_title parameter in all versions up to 4.0.1, caused by insufficient input sanitization and output escaping. The impact is unauthent...

CVE-2024-13704 Super Testimonials <= 4.0.1 - Unauthenticated Stored Cross-Site Scripting

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'stusertitle' parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

CVE-2024-13704 Super Testimonials <= 4.0.1 - Unauthenticated Stored Cross-Site Scripting

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'stusertitle' parameter in all versions up to, and including, 4.0.1 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary...

WordPress plugin Super Testimonials 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exis...

WordPress Super Testimonials plugin <= 4.0.1 - Unauthenticated Stored Cross-Site Scripting vulnerability

Unauthenticated Stored Cross-Site Scripting vulnerability discovered by Krzysztof Zając in WordPress Plugin Testimonials versions = 4.0.1...

CVE-2024-9127

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘alignment’ parameter in all versions up to, and including, 3.0.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...

CVE-2024-9127

The CVE CVE-2024-9127 affects the WordPress plugin Super Testimonials (sola-testimonials) up to version 3.0.0. The root cause is Stored Cross‑Site Scripting via the alignment parameter due to insufficient input sanitization and output escaping. Exploitation requires authentication at Contributor ...

WordPress Super Testimonials plugin <= 3.0.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via alignment Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via alignment Parameter vulnerability discovered by Francesco Carlucci in WordPress Plugin Super Testimonials versions = 3.0.0...

PT-2024-39448 · WordPress · Super Testimonials

Name of the Vulnerable Software and Affected Versions: The Super Testimonials plugin for WordPress versions up to, and including, 3.0.0 Description: The issue is related to Stored Cross-Site Scripting via the alignment parameter due to insufficient input sanitization and output escaping. This...

WordPress Super Testimonials Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Super Testimonials Type Plugin Vulnerable versions = 3.0.0 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-9127 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID f0b50a68f0f9 Credits Francesco Carlucci...

CVE-2024-43959 WordPress Super Testimonials plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Testimonials super-testimonial allows Reflected XSS.This issue affects Testimonials: from n/a through = 4.0.1...

WordPress Super Testimonials plugin <= 4.0.1 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by Abdi Pranata Patchstack Alliance in WordPress Plugin Testimonials versions = 4.0.1...

WordPress Plugin Super Testimonials 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. WordPress is a blogging platform developed using the PHP language, which supports personal blog sites on PHP and MySQL servers. A cross-site scripting...

WordPress Super Testimonials plugin <= 3.0.5 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Abu Hurayra Patchstack Alliance in WordPress Plugin Testimonials versions = 3.0.5...

CVE-2023-5613

The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpsscode' shortcode in all versions up to, and including, 2.9 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated...