Approved changes feed: RSS · Atom

cpe:2.3:a:machothemes:strong_testimonials:*:*:*:*:*:wordpress:*:*

part: a version: * update: *

VendorMachothemes (011507af-8f8b-5838-9d9a-c7be4c5d7373)
ProductStrong Testimonials (176ef4a8-c8f4-56c6-8c44-18623a22a07b)
Edition*
Language*
Software edition*
Target softwarewordpress
Target hardware*
Other*
NotesImported from purl2cpe mapping

PURL mappings

PURLSourceLast updated
pkg:github/machothemes/strong-testimonials purl2cpe 2026-06-01 10:13:01.144715

Vulnerability references

IdentifiercpeApplicabilitySubmitteddb.gcve.eu detailsRationale
CVE:CVE-2022-4717 vulnerable 2026-06-08 05:52:00.236284 Strong Testimonials < 3.0.3 - Contributor+ Stored XSS via Shortcode
The Strong Testimonials WordPress plugin before 3.0.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
Published: 2023-02-06T19:59:15.762Z
Updated: 2025-03-25T20:42:26.553Z
Reference links
Imported from gcve-enriched-dumps CVE data

Contribute

You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.