Medium severity5.4NVD Advisory· Published Oct 16, 2020· Updated Jun 17, 2026
CVE-2020-26672
CVE-2020-26672
Description
Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site Scripting (XSS) in /wp-admin/post.php. If a user intercepts a request and inserts a payload in "cite" parameter, the payload will be stored in the database.
Affected products
2- Testimonial Rotator Wordpress Plugin/Testimonial Rotator Wordpress Plugindescription
- Range: = 3.0.2
Patches
Vulnerability mechanics
References
1- wpvulndb.com/vulnerabilities/10272nvdExploitThird Party Advisory
News mentions
0No linked articles in our index yet.