Total
4 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2024-47362 | 1 Wpchill | 1 Strong Testimonials | 2024-11-05 | N/A | 8.8 HIGH |
Missing Authorization vulnerability in WPChill Strong Testimonials allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Strong Testimonials: from n/a through 3.1.16. | |||||
CVE-2023-6491 | 1 Wpchill | 1 Strong Testimonials | 2024-10-29 | N/A | 4.3 MEDIUM |
The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. This makes it possible for authenticated attackers, with contributor access and above, to modify favorite views. | |||||
CVE-2020-8549 | 1 Wpchill | 1 Strong Testimonials | 2024-10-29 | 4.3 MEDIUM | 6.1 MEDIUM |
Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens. | |||||
CVE-2023-52123 | 1 Wpchill | 1 Strong Testimonials | 2024-10-29 | N/A | 8.8 HIGH |
Cross-Site Request Forgery (CSRF) vulnerability in WPChill Strong Testimonials.This issue affects Strong Testimonials: from n/a through 3.1.10. |