RSS   Vulnerabilities for 'Easy testimonials'   RSS

2018-11-26
 
CVE-2018-19564

CWE-79
 

 
Stored XSS was discovered in the Easy Testimonials plugin 3.2 for WordPress. Three wp-admin/post.php parameters (_ikcf_client and _ikcf_position and _ikcf_other) have Cross-Site Scripting.

 
2017-08-01
 
CVE-2017-12131

 

 
The Easy Testimonials plugin 3.0.4 for WordPress has XSS in include/settings/display.options.php, as demonstrated by the Default Testimonials Width, View More Testimonials Link, and Testimonial Excerpt Options screens.

 

 >>> Vendor: Goldplugins 2 Products
Testimonials plugin easy testimonials
Easy testimonials


Copyright 2019, cxsecurity.com

 

Back to Top