Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress.
References
| Link | Resource |
|---|---|
| https://patchstack.com/database/vulnerability/testimonial-builder/wordpress-testimonial-builder-plugin-1-6-1-authenticated-stored-cross-site-scripting-xss-vulnerability | Patch Third Party Advisory |
| https://wordpress.org/plugins/testimonial-builder/#developers | Product Release Notes Third Party Advisory |
Configurations
History
23 Aug 2022, 18:21
| Type | Values Removed | Values Added |
|---|---|---|
| CVSS |
v2 : v3 : |
v2 : unknown
v3 : 5.4 |
| References | (CONFIRM) https://patchstack.com/database/vulnerability/testimonial-builder/wordpress-testimonial-builder-plugin-1-6-1-authenticated-stored-cross-site-scripting-xss-vulnerability - Patch, Third Party Advisory | |
| References | (CONFIRM) https://wordpress.org/plugins/testimonial-builder/#developers - Product, Release Notes, Third Party Advisory | |
| CPE | cpe:2.3:a:wpshopmart:testimonial_builder:*:*:*:*:*:wordpress:*:* |
22 Aug 2022, 16:35
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2022-08-22 15:15
Updated : 2024-02-04 22:51
NVD link : CVE-2021-36857
Mitre link : CVE-2021-36857
CVE.ORG link : CVE-2021-36857
JSON object : View
Products Affected
wpshopmart
- testimonial_builder
CWE
CWE-79
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')