Themepoints Super Testimonials — known CVE vulnerabilities
Every CVE whose affected-product data names Themepoints Super Testimonials, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (4)
CVE-2024-13704 — CVSS 7.2 (high): The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'st_user_title' parameter in all versions…
CVE-2023-5613 — CVSS 6.4 (medium): The Super Testimonials plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'tpsscode' shortcode in all…
CVE-2021-36858 — CVSS 4.8 (medium): Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Themepoints Testimonials plugin <= 2.6 on WordPress.
CVE-2022-3539 — CVSS 4.8 (medium): The Testimonials WordPress plugin before 2.7, super-testimonial-pro WordPress plugin before 1.0.8 do not sanitize and escape its settings…