Vulnerabilities (CVE)

Filtered by vendor Goldplugins Subscribe

Filtered by product Easy Testimonials

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 3 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2020-14959	1 Goldplugins	1 Easy Testimonials	2020-06-25	3.5 LOW	5.4 MEDIUM
Multiple XSS vulnerabilities in the Easy Testimonials plugin before 3.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the wp-admin/post.php Client Name, Position, Web Address, Other, Location Reviewed, Product Reviewed, Item Reviewed, or Rating parameter.
CVE-2018-19564	1 Goldplugins	1 Easy Testimonials	2018-12-18	4.3 MEDIUM	6.1 MEDIUM
Stored XSS was discovered in the Easy Testimonials plugin 3.2 for WordPress. Three wp-admin/post.php parameters (_ikcf_client and _ikcf_position and _ikcf_other) have Cross-Site Scripting.
CVE-2017-12131	1 Goldplugins	1 Easy Testimonials	2017-08-10	4.3 MEDIUM	6.1 MEDIUM
The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excerpt Options screens.