cleantalk
Vulnerabilities and Security Researches

Testimonial Slider, 11d8d5fbd63c5f993de5ca55af3f86d05727ff54

CVE, Research URL

11d8d5fbd63c5f993de5ca55af3f86d05727ff54

Home page URL

Security reports for Testimonial Slider

Application

Testimonial Slider

Published on
Aug 05, 2022
Research Description
Testimonial &#8211; Testimonial Slider and Showcase Plugin [testimonial-slider-and-showcase] < 2.2.7 Testimonial Slider <= 2.2.6 - Stored Cross-Site Scripting The Testimonial Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the post_title parameter in versions up to, and including, 2.2.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
Affected versions
max 2.2.7.
Status
vulnerable
Previous vulnerability researches
Testimonial Slider (CVE-2022-50947) , May 12, 2026
Testimonial Slider (CVE-2024-1746) , Jun 07, 2024
Testimonial Slider (11d8d5fbd63c5f993de5ca55af3f86d05727ff54) , Jun 07, 2024
Testimonial Slider (CVE-2024-1745) , Jun 07, 2024
New vulnerability
Testimonial Slider (CVE-2022-50947) , May 12, 2026
Simple Cloudflare Turnstile &#8211; CAPTCHA Alternative (CVE-2026-40799) , May 12, 2026
IP2Location Country Blocker (CVE-2022-50961) , May 12, 2026
Jetpack – WP Security, Backup, Speed, & Growth (CVE-2022-50958) , May 11, 2026
Error Log Monitor, Activity Logs, User Activity Tracking from Logtivity (CVE-2026-8198) , May 11, 2026