Lucene search

K

WpvulndbWPVDB-ID:515DD091-F8EC-467B-998F-2583665C7C55

HistoryApr 04, 2022 - 12:00 a.m.

Testimonial Slider <= 3.5.8.3 - Contributor+ Stored Cross-Site Scripting

2022-04-0400:00:00

wpscan.com

12

testimonial slider

cross-site scripting

stored data

EPSS

0.001

Percentile

19.4%

The plugin does not sanitise and escape some of its slider settings, such as mpsp_posts_bg_color, mpsp_posts_description_color, mpsp_slide_nav_button_color which could allow users with the edit_post capability (contributor and above) to perform Cross-Site Scripting attacks

EPSS

0.001

Percentile

19.4%

Related for WPVDB-ID:515DD091-F8EC-467B-998F-2583665C7C55

prion1 nvd1 patchstack1 cve1 cvelist1