WordPress Super Testimonial Pro Plugin <= 2.9 is vulnerable to Cross Site Scripting (XSS)

Software Super Testimonial Pro Type Plugin Vulnerable versions = 2.9 Fixed in 3.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2023-5613 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 4c345a4e70e4 Credits Lana Codes Required...

WordPress Super Testimonial Pro premium plugin < 1.0.8 - Auth. Stored Cross-Site Scripting (XSS) vulnerability

Auth. Stored Cross-Site Scripting XSS vulnerability discovered by Asif Nawaz Minhas in WordPress Super Testimonial Pro premium plugin versions 1.0.8. Solution Update the WordPress Super Testimonial Pro plugin to the latest available version at least 1.0.8...

CVE-2022-3539

The Testimonials WordPress plugin before 2.7, super-testimonial-pro WordPress plugin before 1.0.8 do not sanitize and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed...

CVE-2022-3539

The CVE-2022-3539 issue affects the WordPress plugins Testimonials (before 2.7) and Super Testimonial Pro (before 1.0.8). The root cause is a lack of sanitization and escaping of plugin settings, enabling high-privilege users (e.g., admins) to perform cross-site scripting (XSS) even when the unfi...

PT-2022-22793

Name of the Vulnerable Software and Affected Versions Testimonials WordPress plugin versions prior to 2.7 super-testimonial-pro WordPress plugin versions prior to 1.0.8 Description The issue allows high privilege users, such as admins, to perform cross-Site Scripting attacks, even when the...