Easy Testimonial Slider and Form
by WordPress
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2022-46799 | Hig | 0.46 | 7.1 | 0.00 | May 8, 2023 | Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin <= 1.0.15 versions. | ||
| CVE-2023-45754 | Med | 0.38 | 5.9 | 0.00 | Oct 25, 2023 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form allows Stored XSS.This issue affects Easy Testimonial Slider and Form: from n/a through 1.0.18. | ||
| CVE-2015-10147 | 0.00 | — | 0.00 | Oct 29, 2025 | The Easy Testimonial Slider and Form plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. … |
- risk 0.46cvss 7.1epss 0.00
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form plugin <= 1.0.15 versions.
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in I Thirteen Web Solution Easy Testimonial Slider and Form allows Stored XSS.This issue affects Easy Testimonial Slider and Form: from n/a through 1.0.18.
- CVE-2015-10147Oct 29, 2025risk 0.00cvss —epss 0.00
The Easy Testimonial Slider and Form plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. …