
CVE-2022-33191: Testimonials

Authenticated (contributor or higher user role) Stored Cross-Site Scripting (XSS) vulnerability in Chinmoy Paul’s Testimonials plugin for WordPress, versions <= 3.0.1.


This plugin has been closed as of July 19, 2022 and is not available for download. This closure is temporary, pending a full review.

I downloaded this hoping to save some time in displaying a few testimonials. However, the content in each p tag would run off the page. I didn’t feel like digging too far into the CSS or what the possible conflict could be (I’m using Inuit). If you leave any fields unused, such as business link or business name, the plugin leaves empty the space that would be used by those fields. It should at least check to see if they’re empty. 2 stars because it could be an issue with Inuit but I don’t think it is.


“Testimonials” is open source software. The following people have contributed to this plugin.

Contributors

  • chinmoy29
