15 matches found
EUVD-2024-32749
Malicious code in bioql PyPI...
WordPress Testimonial Slider Plugin <= 3.5.8.6 - Local File Inclusion Vulnerability
Local File Inclusion Vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Testimonial Slider versions = 3.5.8.6...
PT-2025-39573
Name of the Vulnerable Software and Affected Versions PluginOps Testimonial Slider versions through 3.5.8.6 Description The software contains a flaw related to improper control of filename for include/require statements, specifically a PHP Local File Inclusion issue. This allows for unauthorized...
CVE-2024-4193
The Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'testimonialcategory' shortcode in all versions up to, and including, 1.3.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
CVE-2023-45754
CVE-2023-45754 : A stored Cross-Site Scripting (XSS) flaw in the WordPress plugin “Easy Testimonial Slider and Form” (versions ≤ 1.0.18). The root cause is improper input neutralization during web page generation, enabling an attacker (with administrator privileges per PatchStack/Wordfence contex...
CVE-2022-44741
Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS in David Anderson Testimonial Slider plugin = 1.3.1 on WordPress...
Cross site request forgery (csrf)
Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS in David Anderson Testimonial Slider plugin = 1.3.1 on WordPress...
CVE-2022-44741
Cross-Site Request Forgery CSRF vulnerability leading to Cross-Site Scripting XSS in David Anderson Testimonial Slider plugin = 1.3.1 on WordPress...
CVE-2022-35882
Authenticated author or higher user role Stored Cross-Site Scripting XSS vulnerability in GS Plugins GS Testimonial Slider plugin = 1.9.5 at WordPress...
CVE-2022-35882 WordPress GS Testimonial Slider plugin <= 1.9.5 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability
Authenticated author or higher user role Stored Cross-Site Scripting XSS vulnerability in GS Plugins GS Testimonial Slider plugin = 1.9.5 at WordPress...
CVE-2022-35882
CVE-2022-35882 concerns the GS Testimonial Slider plugin for WordPress, affected up to version 1.9.5. The vulnerability is an authenticated Stored Cross-Site Scripting (XSS) issue, exploitable by a user with author or higher privileges. Root cause details across sources indicate insufficient sani...
CVE-2015-9417
The testimonial-slider plugin through 1.2.1 for WordPress has CSRF with resultant XSS...
WordPress Testimonial Slider Plugin SQL Injection Vulnerability
WordPress is the WordPress Software Foundation's set of blogging platform using PHP language development, the platform supports in PHP and MySQL servers set up a personal blog site.Testimonial Slider plugin is one of the post to add plugin. A SQL injection vulnerability exists in the '$wpdb-query...
Sql injection
The Testimonial Slider plugin through 1.2.4 for WordPress has SQL Injection via settings\sliders.php currentsliderid parameter...
WordPress Gallery Master 1.0.22 Cross Site Scripting
Exploit : For Exploiting This Vulnerability Install Testimonial Slider Plugin Then Create New SGallery In Gallery Title Input And Gallery Description Place Your JavaScript Code After Creating Gallery JavaScript Code Will Be Executed . Plugin Is Accessable By Authors , Administartors , Editors...