Wpchill: >> Strong Testimonials >> 3.1.12 Security Vulnerabilities
Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials.This issue affects Strong Testimonials: from n/a through <= 3.1.16.
CVSS Score
8.8
EPSS Score
0.009
Published
2024-11-01
The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. This makes it possible for authenticated attackers, with contributor access and above, to modify favorite views.
CVSS Score
4.3
EPSS Score
0.002
Published
2024-06-07