9 matches found
CVE-2025-68000 WordPress Testimonial Slider plugin <= 2.0.15 - Broken Access Control vulnerability
Missing Authorization vulnerability in PickPlugins Testimonial Slider testimonial allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Testimonial Slider: from n/a through = 2.0.15...
CVE-2025-30889 WordPress Testimonial Slider plugin <= 2.0.13 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in PickPlugins Testimonial Slider testimonial allows Object Injection.This issue affects Testimonial Slider: from n/a through = 2.0.13...
WordPress Testimonial Slider Shortcode Plugin <= 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Software Testimonial Slider Shortcode Type Plugin Vulnerable versions = 1.1.9 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51925 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 59c82ea20053 Credits Gab Required privilege...
WordPress Testimonial Slider Plugin <= 1.3.2 is vulnerable to Cross Site Scripting (XSS)
Software Testimonial Slider Type Plugin Vulnerable versions = 1.3.2 Fixed in 1.3.3 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-4193 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 9c9e113bbfe1 Credits Krzysztof Zając...
WordPress Testimonial Slider Plugin < 2.3.8 is vulnerable to Cross Site Scripting (XSS)
Software Testimonial Slider Type Plugin Vulnerable versions 2.3.8 Fixed in 2.3.8 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-1746 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID e974538b892e Credits Dmitrii Ignatyev Requir...
WordPress Testimonial Slider Plugin < 2.3.7 is vulnerable to Broken Access Control
Software Testimonial Slider Type Plugin Vulnerable versions 2.3.7 Fixed in 2.3.7 OWASP Top 10 A1: Broken Access Control Classification Broken Access Control CVE CVE-2024-1745 Patch priority Low CVSS severity Low 2.7 Developer Claim ownership PSID e4275e227f6f Credits Dmitrii Ignatyev Required...
WordPress Testimonial Slider Shortcode Plugin < 1.1.9 is vulnerable to Cross Site Scripting (XSS)
Software Testimonial Slider Shortcode Type Plugin Vulnerable versions 1.1.9 Fixed in 1.1.9 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 0cd9339aa1a8 Credits Unknown Required...
WordPress Testimonial Slider plugin <= 1.3.1 - Cross-Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability discovered by ptsfence Patchstack Alliance in WordPress Testimonial Slider plugin versions = 1.3.1. Solution No patched version is available. No reply from the vendor...
WordPress Testimonial Slider plugin <=1.2.4 - Authenticated SQL Injection vulnerability
Authenticated SQL Injection vulnerability found by DefenceCode in WordPress Testimonial Slider plugin versions =1.2.4. Solution Update the WordPress Testimonial Slider plugin to the latest version at least 1.2.5...