Goldplugins: Security Vulnerabilities
The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excerpt Options screens.
CVSS Score
6.1
EPSS Score
0.002
Published
2017-08-01
SQL injection vulnerability in the WP-Testimonials plugin 3.4.1 for WordPress allows an authenticated user to execute arbitrary SQL commands via the testid parameter to wp-admin/admin.php.
CVSS Score
8.8
EPSS Score
0.01
Published
2017-06-12
Page 2