Vulnerabilities (CVE)

Filtered by vendor Wpchill Subscribe
Filtered by product Strong Testimonials
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-6491 1 Wpchill 1 Strong Testimonials 2024-10-29 N/A 4.3 MEDIUM
The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. This makes it possible for authenticated attackers, with contributor access and above, to modify favorite views.
CVE-2020-8549 1 Wpchill 1 Strong Testimonials 2024-10-29 4.3 MEDIUM 6.1 MEDIUM
Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens.
CVE-2023-52123 1 Wpchill 1 Strong Testimonials 2024-10-29 N/A 8.8 HIGH
Cross-Site Request Forgery (CSRF) vulnerability in WPChill Strong Testimonials.This issue affects Strong Testimonials: from n/a through 3.1.10.