Vulnerabilities > Testimonial Rotator Project

DATE CVE VULNERABILITY TITLE RISK
2021-04-05 CVE-2021-24156 Cross-site Scripting vulnerability in Testimonial Rotator Project Testimonial Rotator 3.0.3
Stored Cross-Site Scripting vulnerabilities in Testimonial Rotator 3.0.3 allow low privileged users (Contributor) to inject arbitrary JavaScript code or HTML without approval.
network
low complexity
testimonial-rotator-project CWE-79
5.4
2020-10-16 CVE-2020-26672 Cross-site Scripting vulnerability in Testimonial Rotator Project Testimonial Rotator
Testimonial Rotator Wordpress Plugin 3.0.2 is affected by Cross Site Scripting (XSS) in /wp-admin/post.php.
network
low complexity
testimonial-rotator-project CWE-79
5.4