CVE-2024-3261

{"id": "CVE-2024-3261", "metrics": {}, "published": "2024-04-24T05:15:47.207", "references": [{"url": "https://wpscan.com/vulnerability/5a0d5922-eefc-48e1-9681-b63e420bb8b3/", "source": "contact@wpscan.com"}], "vulnStatus": "Awaiting Analysis", "descriptions": [{"lang": "en", "value": "The Strong Testimonials WordPress plugin before 3.1.12 does not validate and escape some of its Testimonial fields before outputting them back in a page/post, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. The attack requires a specific view to be performed"}, {"lang": "es", "value": "El complemento Strong Testimonials de WordPress anterior a 3.1.12 no valida ni escapa algunos de sus campos de testimonios antes de devolverlos a una p\u00e1gina/publicaci\u00f3n, lo que podr\u00eda permitir a los usuarios con el rol de colaborador y superior realizar ataques de Cross-Site Scripting Almacenado. El ataque requiere que se realice una vista espec\u00edfica."}], "lastModified": "2024-04-24T13:39:42.883", "sourceIdentifier": "contact@wpscan.com"}