← back
CVE-2021-24156

Testimonial Rotator <= 3.0.3 - Authenticated Stored Cross-Site Scripting

EPSS 0.7%CWE-79
Stored Cross-Site Scripting vulnerabilities in Testimonial Rotator 3.0.3 allow low privileged users (Contributor) to inject arbitrary JavaScript code or HTML without approval. This could lead to privilege escalation
Affected products
Unknown · Testimonial Rotator

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
https://mega.nz/file/ftVSmRCC#ctqUg89CKszEuLO3eeQVazUStTPvoQD6LlbWNSMa7uAhttps://wpscan.com/vulnerability/8b6f4a77-4008-4730-9a91-fa055a8b3e68