HomePentest-Tools.com Logo

Aajoda Testimonials < 2.2.2 - Cross-Site Scripting CVE-2023-2178

Severity
CVSSv3 Score
4.8
Vulnerability description

The plugin does not sanitize and escape some of its settings, which could allow high-privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed (for example in multisite setup).\n

Risk description

No risk description to display.

Recommendation

Update Aajoda Testimonials plugin to version 2.2.2 or later to mitigate the vulnerability.

Codename
Not available
Detectable with
Network Scanner
Scan engine
Nuclei
Exploitable with Sniper
No
CVE Published
Jun 27, 2023
Detection added at
Software Type
Not available
Vendor
Not available
Product
Not available