Wp Testimonial Widget

wp_testimonial_widget

Vendor: Starkdigital • 3 CVEs

CVEs (3)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-43967 1Starkdigital 1Wp Testimonial Widget Jun 17, 2026 Aug 26, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a throug...Show more Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Stark Digital WP Testimonial Widget allows Stored XSS.This issue affects WP Testimonial Widget: from n/a through 3.1.Show less
CVE-2024-43966 1Starkdigital 1Wp Testimonial Widget Jun 17, 2026 Aug 26, 2024 N/A· v4 7.2 HIGH· v3 N/A· v2 Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Stark Digital WP Testimonial Widget.This issue affects WP Testimonial Widget: from n/a through 3.1.
CVE-2024-7390 1Starkdigital 1Wp Testimonial Widget Jun 17, 2026 Aug 21, 2024 N/A· v4 5.3 MEDIUM· v3 N/A· v2 The WP Testimonial Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnSaveTestimonailOrder function in all versions up to, and including, 3.1. This m...Show more The WP Testimonial Widget plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on the fnSaveTestimonailOrder function in all versions up to, and including, 3.1. This makes it possible for unauthenticated attackers to change the order of testimonials.Show less