Lucene search
WpvulndbWPVDB-ID:C09E67BB-20EE-4579-82A8-2D3FC46E7CA7HistoryNov 07, 2022 - 12:00 a.m.
Testimonial Slider <= 1.3.1 - Stored XSS via CSRF
2022-11-0700:00:00
wpscan.com
7
testimonial slider
stored xss
csrf
sanitisation
escaping
admin
vulnerability
0.001 Low
EPSS
Percentile
41.9%
The plugin does not have CSRF check in some places, and is missing sanitisation as well as escaping, which could allow attackers to make logged in admin add Stored XSS payloads via a CSRF attack
| CPE | Name | Operator | Version |
|---|---|---|---|
| testimonial-slider | eq | * |
Related
cve
cve
CVE-2022-44741
2022-11-08 19:15:18
patchstack
patchstack
prion
prion
Cross site request forgery (csrf)
2022-11-08 19:15:00
nvd
nvd
CVE-2022-44741
2022-11-08 19:15:18
cvelist
cvelist