CVE-2022-33191

Description

Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul's Testimonials plugin <= 3.0.1 at WordPress.

CVSS breakdown

CVSS 3.1

Attack Vector

Network

Attack Complexity

Low

Privileges Required

Low

User Interaction

Required

Scope

Changed

Confidentiality

None

Integrity

Low

Availability

None

Affected products

Chinmoy Paul (chinmoy29) / Testimonials (WordPress plugin)<= 3.0.1 – 3.0.1

References

MISChttps://wordpress.org/plugins/testimonials/#description
MISChttps://patchstack.com/database/vulnerability/testimonials/wordpress-testimonials-plugin-3-0-1-authenticated-stored-cross-site-scripting-xss-vulnerability