Strong Testimonials

strong_testimonials

Vendor: Wpchill • 6 CVEs

CVEs (6)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2024-47362 1Wpchill 1Strong Testimonials Apr 23, 2026 Nov 1, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Missing Authorization vulnerability in WP Chill Strong Testimonials strong-testimonials.This issue affects Strong Testimonials: from n/a through <= 3.1.16.
CVE-2023-6491 1Wpchill 1Strong Testimonials Apr 8, 2026 Jun 7, 2024 N/A· v4 4.3 MEDIUM· v3 N/A· v2 The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. Th...Show more The Strong Testimonials plugin for WordPress is vulnerable to unauthorized modification of data due to an improper capability check on the wpmtst_save_view_sticky function in all versions up to, and including, 3.1.12. This makes it possible for authenticated attackers, with contributor access and above, to modify favorite views.Show less
CVE-2024-3261 1Wpchill 1Strong Testimonials May 8, 2025 Apr 24, 2024 N/A· v4 4.8 MEDIUM· v3 N/A· v2 The Strong Testimonials WordPress plugin before 3.1.12 does not validate and escape some of its Testimonial fields before outputting them back in a page/post, which could allow users with the contributor role and above t...Show more The Strong Testimonials WordPress plugin before 3.1.12 does not validate and escape some of its Testimonial fields before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The attack requires a specific view to be performedShow less
CVE-2023-52123 1Wpchill 1Strong Testimonials Apr 28, 2026 Jan 5, 2024 N/A· v4 8.8 HIGH· v3 N/A· v2 Cross-Site Request Forgery (CSRF) vulnerability in WPChill Strong Testimonials.This issue affects Strong Testimonials: from n/a through 3.1.10.
CVE-2023-26013 1Wpchill 1Strong Testimonials Nov 21, 2024 Jun 16, 2023 N/A· v4 5.4 MEDIUM· v3 N/A· v2 Auth. (contributor+) Stored Cross-Site Scripting (XSS) vulnerability in WPChill Strong Testimonials plugin <= 3.0.2 versions.
CVE-2020-8549 1Wpchill 1Strong Testimonials Nov 21, 2024 Feb 3, 2020 N/A· v4 6.1 MEDIUM· v3 4.3 MEDIUM· v2 Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens.