← Back

CVE-2021-36851

nvd nist
Published: Apr 4, 2022Modified: Jun 17, 2026

JSON object

Loading...
5.4
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Exploitability: 2.3 / Impact: 2.7
Source: NVD

Description

Authenticated (editor or higher user role) Cross-Site Scripting (XSS) vulnerability in Web-Settler Testimonial Slider – Free Testimonials Slider Plugin (WordPress plugin) via parameters mpsp_posts_bg_color, mpsp_posts_description_color, mpsp_slide_nav_button_color.

Affected (1)

1 product
Testimonial Slider
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Up to 3.5.8.3

Timeline

No history available yet.