Vulnerability Details CVE-2024-2337
The Easy Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'testimonials_grid ' shortcode in all versions up to, and including, 3.9.5 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers with contributor-level and above permissions to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.7%
CVSS Severity
CVSS v3 Score 6.4
References
- https://plugins.trac.wordpress.org/browser/easy-testimonials/trunk/easy-testimonials.php#L1039
- https://www.wordfence.com/threat-intel/vulnerabilities/id/2c470cb0-5cbc-4ae1-b75a-384668d07215?source=cve
- https://plugins.trac.wordpress.org/browser/easy-testimonials/trunk/easy-testimonials.php#L1039
- https://www.wordfence.com/threat-intel/vulnerabilities/id/2c470cb0-5cbc-4ae1-b75a-384668d07215?source=cve
Products affected by CVE-2024-2337
-
cpe:2.3:a:goldplugins:easy_testimonials:1.0
-
cpe:2.3:a:goldplugins:easy_testimonials:1.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.10
-
cpe:2.3:a:goldplugins:easy_testimonials:1.11
-
cpe:2.3:a:goldplugins:easy_testimonials:1.12
-
cpe:2.3:a:goldplugins:easy_testimonials:1.12.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.12.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.12.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.13
-
cpe:2.3:a:goldplugins:easy_testimonials:1.14
-
cpe:2.3:a:goldplugins:easy_testimonials:1.15
-
cpe:2.3:a:goldplugins:easy_testimonials:1.15.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.15.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.16
-
cpe:2.3:a:goldplugins:easy_testimonials:1.16.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.17
-
cpe:2.3:a:goldplugins:easy_testimonials:1.17.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.17.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.17.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.17.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.17.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.18
-
cpe:2.3:a:goldplugins:easy_testimonials:1.19
-
cpe:2.3:a:goldplugins:easy_testimonials:1.19.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.2.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20.6
-
cpe:2.3:a:goldplugins:easy_testimonials:1.20.7
-
cpe:2.3:a:goldplugins:easy_testimonials:1.21
-
cpe:2.3:a:goldplugins:easy_testimonials:1.22
-
cpe:2.3:a:goldplugins:easy_testimonials:1.23
-
cpe:2.3:a:goldplugins:easy_testimonials:1.24
-
cpe:2.3:a:goldplugins:easy_testimonials:1.25
-
cpe:2.3:a:goldplugins:easy_testimonials:1.25.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.25.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.25.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.25.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.26
-
cpe:2.3:a:goldplugins:easy_testimonials:1.27
-
cpe:2.3:a:goldplugins:easy_testimonials:1.28
-
cpe:2.3:a:goldplugins:easy_testimonials:1.28.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.28.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.29
-
cpe:2.3:a:goldplugins:easy_testimonials:1.29.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.3.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.3.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.3.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.3.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.3.4.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.30
-
cpe:2.3:a:goldplugins:easy_testimonials:1.30.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.30.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.30.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.10
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.11
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.12
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.6
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.7
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.8
-
cpe:2.3:a:goldplugins:easy_testimonials:1.31.9
-
cpe:2.3:a:goldplugins:easy_testimonials:1.32
-
cpe:2.3:a:goldplugins:easy_testimonials:1.33
-
cpe:2.3:a:goldplugins:easy_testimonials:1.34
-
cpe:2.3:a:goldplugins:easy_testimonials:1.34.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.34.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.34.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.34.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.35
-
cpe:2.3:a:goldplugins:easy_testimonials:1.35.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.35.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.35.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.35.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.35.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.35.6
-
cpe:2.3:a:goldplugins:easy_testimonials:1.36
-
cpe:2.3:a:goldplugins:easy_testimonials:1.36.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.37
-
cpe:2.3:a:goldplugins:easy_testimonials:1.37.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.37.21.37.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.4.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.4.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.4.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.4.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.4.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.4.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.5.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.5.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.6
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.6.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.7
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.8
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.9
-
cpe:2.3:a:goldplugins:easy_testimonials:1.5.9.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.6
-
cpe:2.3:a:goldplugins:easy_testimonials:1.6.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.4
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.5
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.5.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.5.2
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.5.3
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.6
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.7
-
cpe:2.3:a:goldplugins:easy_testimonials:1.7.7.1
-
cpe:2.3:a:goldplugins:easy_testimonials:1.8
-
cpe:2.3:a:goldplugins:easy_testimonials:1.9
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.1
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.10
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.11
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.12
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.13
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.14
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.2
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.3
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.4
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.5
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.6
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.7
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.8
-
cpe:2.3:a:goldplugins:easy_testimonials:2.0.9
-
cpe:2.3:a:goldplugins:easy_testimonials:2.1
-
cpe:2.3:a:goldplugins:easy_testimonials:2.1.1
-
cpe:2.3:a:goldplugins:easy_testimonials:2.1.2
-
cpe:2.3:a:goldplugins:easy_testimonials:2.2
-
cpe:2.3:a:goldplugins:easy_testimonials:2.2.2
-
cpe:2.3:a:goldplugins:easy_testimonials:2.2.3
-
cpe:2.3:a:goldplugins:easy_testimonials:2.2.4
-
cpe:2.3:a:goldplugins:easy_testimonials:2.2.5
-
cpe:2.3:a:goldplugins:easy_testimonials:2.3
-
cpe:2.3:a:goldplugins:easy_testimonials:2.3.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.0
-
cpe:2.3:a:goldplugins:easy_testimonials:3.0.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.0.2
-
cpe:2.3:a:goldplugins:easy_testimonials:3.0.3
-
cpe:2.3:a:goldplugins:easy_testimonials:3.0.4
-
cpe:2.3:a:goldplugins:easy_testimonials:3.0.5
-
cpe:2.3:a:goldplugins:easy_testimonials:3.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.1.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.2
-
cpe:2.3:a:goldplugins:easy_testimonials:3.3
-
cpe:2.3:a:goldplugins:easy_testimonials:3.3.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.3.2
-
cpe:2.3:a:goldplugins:easy_testimonials:3.4
-
cpe:2.3:a:goldplugins:easy_testimonials:3.4.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.4.2
-
cpe:2.3:a:goldplugins:easy_testimonials:3.5
-
cpe:2.3:a:goldplugins:easy_testimonials:3.5.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.5.2
-
cpe:2.3:a:goldplugins:easy_testimonials:3.6
-
cpe:2.3:a:goldplugins:easy_testimonials:3.6.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.7
-
cpe:2.3:a:goldplugins:easy_testimonials:3.7.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.7.2
-
cpe:2.3:a:goldplugins:easy_testimonials:3.8
-
cpe:2.3:a:goldplugins:easy_testimonials:3.9
-
cpe:2.3:a:goldplugins:easy_testimonials:3.9.1
-
cpe:2.3:a:goldplugins:easy_testimonials:3.9.2
-
cpe:2.3:a:goldplugins:easy_testimonials:3.9.3
-
cpe:2.3:a:goldplugins:easy_testimonials:3.9.4