Axelerant - Testimonials Widget CVE - CVE Search - CVE Details

Filtered by vendor Axelerant Subscribe

Filtered by product Testimonials Widget

Total 1 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-24136	1 Axelerant	1 Testimonials Widget	2021-03-24	3.5 LOW	5.4 MEDIUM
Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters: - Author - Job Title - Location - Company - Email - URL

Vulnerabilities (CVE)