VYPR

Tb Testimonials

by WordPress

Source repositories

CVEs (5)

  • CVE-2025-26584HigMar 26, 2025
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Travis Ballard TBTestimonials tb-testimonials allows Reflected XSS.This issue affects TBTestimonials: from n/a through <= 1.7.3.

  • CVE-2024-43959HigSep 25, 2024
    risk 0.46cvss 7.1epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Testimonials super-testimonial allows Reflected XSS.This issue affects Testimonials: from n/a through <= 4.0.1.

  • CVE-2024-31348MedApr 7, 2024
    risk 0.42cvss 6.5epss 0.00

    Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Themepoints Testimonials allows Stored XSS.This issue affects Testimonials: from n/a through 3.0.5.

  • CVE-2022-3539MedNov 14, 2022
    risk 0.31cvss 4.8epss 0.01

    The Testimonials WordPress plugin before 2.7, super-testimonial-pro WordPress plugin before 1.0.8 do not sanitize and escape its settings, allowing high privilege users such as admin to perform cross-Site Scripting attacks even when the unfiltered_html capability is disallowed.

  • CVE-2022-33191MedJul 22, 2022
    risk 0.27cvss 4.1epss 0.00

    Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul's Testimonials plugin <= 3.0.1 at WordPress.