Vulnerabilities (CVE)

Filtered by vendor Wpshopmart Subscribe
Filtered by product Testimonial Builder
Total 2 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-36857 1 Wpshopmart 1 Testimonial Builder 2024-02-04 N/A 5.4 MEDIUM
Authenticated (editor+) Stored Cross-Site Scripting (XSS) vulnerability in wpshopmart Testimonial Builder plugin <= 1.6.1 at WordPress.
CVE-2021-24598 1 Wpshopmart 1 Testimonial Builder 2024-02-04 3.5 LOW 4.8 MEDIUM
The Testimonial WordPress plugin before 1.6.0 does not escape some testimonial fields which could allow high privilege users to perform Cross Site Scripting attacks even when the unfiltered_html capability is disallowed