CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

10 matches found

EUVD•added 2025/10/07 12:30 a.m.•1 views

EUVD-2021-23433

Malware in sbrugna...

5.4CVSS5.6AI score0.00167EPSS

Exploits0References3

OSV•added 2022/08/22 3:15 p.m.•0 views

CVE-2021-36857

Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in wpshopmart Testimonial Builder plugin = 1.6.1 at WordPress...

5.4CVSS5.8AI score

Exploits0References2

Cvelist•added 2022/08/22 2:46 p.m.•13 views

CVE-2021-36857 WordPress Testimonial Builder plugin <= 1.6.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in wpshopmart Testimonial Builder plugin = 1.6.1 at WordPress...

4.8CVSS5.4AI score0.00167EPSS

Exploits0References2

CVE•added 2022/08/22 2:46 p.m.•54 views

CVE-2021-36857

The CVE-2021-36857 entry concerns the WordPress plugin “Testimonial Builder” (versions up to 1.6.1). It describes an Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in WordPress that arises from insufficient sanitisation/escaping of settings, enabling a high-privilege user...

5.4CVSS5AI score0.00167EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/08/22 2:46 p.m.•3 views

CVE-2021-36857 WordPress Testimonial Builder plugin <= 1.6.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated editor+ Stored Cross-Site Scripting XSS vulnerability in wpshopmart Testimonial Builder plugin = 1.6.1 at WordPress...

4.8CVSS4.9AI score0.00167EPSS

Exploits0References2

CNNVD•added 2022/08/22 12:0 a.m.•1 views

WordPress plugin wpshopmart Testimonial Builder 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. Cross-site scripting...

5.4CVSS5.6AI score0.00167EPSS

Exploits0References3

Cvelist•added 2021/11/17 10:15 a.m.•11 views

CVE-2021-24598 Testimonial Builder < 1.6.0 - Admin+ Stored Cross-Site Scripting

The Testimonial WordPress plugin before 1.6.0 does not escape some testimonial fields which could allow high privilege users to perform Cross Site Scripting attacks even when the unfilteredhtml capability is disallowed...

5.1AI score0.00206EPSS

Exploits2References2

Patchstack•added 2021/11/07 12:0 a.m.•15 views

WordPress Testimonial Builder plugin <= 1.6.1 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress Testimonial Builder plugin versions = 1.6.1. Solution Update the WordPress Testimonial plugin to the latest available version at least 1.6.2...

5.4CVSS3AI score0.00167EPSS

Exploits0References1Affected Software1

WPVulnDB•added 2021/10/13 12:0 a.m.•18 views

Testimonial Builder < 1.6.0 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some testimonial fields which could allow high privilege users to perform Cross Site Scripting attacks even when the unfilteredhtml capability is disallowed PoC As admin, create/edit a testimonial and put the following payload in the Testimonial User Name field: "...

4.8CVSS3.5AI score0.00206EPSS

Exploits2References1Affected Software1

wpexploit•added 2021/10/13 12:0 a.m.•487 views

Testimonial Builder < 1.6.0 - Admin+ Stored Cross-Site Scripting

The plugin does not escape some testimonial fields which could allow high privilege users to perform Cross Site Scripting attacks even when the unfilteredhtml capability is disallowed As admin, create/edit a testimonial and put the following payload in the Testimonial User Name field: "...

4.8CVSS0.9AI score0.00206EPSS

Exploits2References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by