2 matches found
CVE-2013-4241
CVE-2013-4241 (HMS Testimonials plugin for WordPress) : The NVD and related records describe multiple XSS vulnerabilities in the HMS Testimonials plugin for WordPress, fixed in versions before 2.0.11. The affected vectors include the Testimonial form fields (name, image, url, testimonial) and sev...
CVE-2013-4240
The CVE-2013-4240 entry concerns the WordPress HMS Testimonials plugin, affected in versions before 2.0.11. The vulnerability set consists of multiple CSRF flaws that allow an attacker to hijack an administrator’s authenticated session and perform actions such as adding testimonials, adding group...