Filtered by vendor Goldplugins
Subscribe
Search
Total
4 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-14959 | 1 Goldplugins | 1 Easy Testimonials | 2020-06-25 | 3.5 LOW | 5.4 MEDIUM |
| Multiple XSS vulnerabilities in the Easy Testimonials plugin before 3.6 for WordPress allow remote attackers to inject arbitrary web script or HTML via the wp-admin/post.php Client Name, Position, Web Address, Other, Location Reviewed, Product Reviewed, Item Reviewed, or Rating parameter. | |||||
| CVE-2018-19564 | 1 Goldplugins | 1 Easy Testimonials | 2018-12-18 | 4.3 MEDIUM | 6.1 MEDIUM |
| Stored XSS was discovered in the Easy Testimonials plugin 3.2 for WordPress. Three wp-admin/post.php parameters (_ikcf_client and _ikcf_position and _ikcf_other) have Cross-Site Scripting. | |||||
| CVE-2017-9418 | 1 Goldplugins | 1 Testimonials Plugin Easy Testimonials | 2017-08-13 | 6.5 MEDIUM | 8.8 HIGH |
| SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php. | |||||
| CVE-2017-12131 | 1 Goldplugins | 1 Easy Testimonials | 2017-08-10 | 4.3 MEDIUM | 6.1 MEDIUM |
| The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excerpt Options screens. | |||||