Elegant Testimonial <= 1.1.6 – Multiple Authenticated Stored Cross-Site Scripting

Description

The name, company and text fields used while adding a testimonial to a page was found to be vulnerable to stored XSS, as they did not sanitize user given input properly before publishing the post. It is triggered when a user loads a page where the plugin shortcode is used. All WordPress websites using WP Elegant Testimonial Plugin version 1.1.6 and below are affected.

Proof of Concept

The PoC will be displayed once the issue has been remediated.

Affects Plugins

wp-elegant-testimonial

No known fix

References

URL

https://packetstormsecurity.com/files/#158907/

URL

https://melbin.in/2020/08/15/multiple-stored-xss-vulnerabilities-in-woprpress-elegant-testimonial-plugin/

Classification

Type

XSS

OWASP top 10

A7: Cross-Site Scripting (XSS)

CWE

CWE-79

CVSS

3.8 (low)

Miscellaneous

Original Researcher

Melbin K Mathew

Verified

WPVDB ID

45ad04ce-8c3d-4696-a17e-8dba8383b57e

Timeline

Publicly Published

2020-08-19 (about 5 years ago)

Added

2020-08-19 (about 5 years ago)

Last Updated

2020-08-20 (about 5 years ago)

Other

Published

Title

Published

2021-11-29

Title

Buttonizer - Smart Floating Action Button < 2.5.5 - Admin+ Stored Cross-Site Scripting

Published

2023-04-10

Title

Limit Login Attempts < 1.7.2 - Subscriber+ Stored XSS

Published

2026-03-10

Title

Zorka – Wonderful Fashion WooCommerce Theme <= 1.5.7 - Reflected Cross-Site Scripting

Published

2024-12-30

Title

Best WordPress Shortcode Plugin in 2025 – AIO Shortcodes < 1.3.1 - Unauthenticated Stored Cross-Site Scripting

Published

2024-05-06

Title

Yoast SEO < 22.6 - Reflected Cross-Site Scripting