cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-11429,https://securityvulnerability.io/vulnerability/CVE-2024-11429,Arbitrary File Inclusion Vulnerability in Stars Testimonials Plugin,"The Stars Testimonials plugin for WordPress, developed by Free Responsive Testimonials, contains a Local File Inclusion vulnerability that affects all versions up to and including 3.3.3. Through the use of the 'stars-testimonials-with-slider-and-masonry-grid' shortcode, authenticated users with contributor-level access or higher can exploit this vulnerability. This allows attackers to include and execute arbitrary PHP files on the server, which can lead to unauthorized access to sensitive data and the potential execution of malicious PHP code. The vulnerability poses significant security risks as it enables bypassing access controls and may facilitate further exploitation on compromised systems.",Wordpress,"Free Responsive Testimonials, Social Proof Reviews, And Customer Reviews – Stars Testimonials",8.8,HIGH,0.0005600000149570405,false,,false,false,false,,false,false,2024-12-05T05:26:10.257Z,0
CVE-2024-8989,https://securityvulnerability.io/vulnerability/CVE-2024-8989,Stored Cross-Site Scripting Vulnerability in Stars Testimonials Plugin,"The Free Responsive Testimonials plugin for WordPress is subject to a Stored Cross-Site Scripting vulnerability due to inadequate input sanitization and output escaping on user-supplied attributes through the stars_testimonials shortcode. This flaw impacts all versions leading up to and including 3.3.1. Authenticated users with contributor-level access can exploit this vulnerability, allowing them to inject arbitrary web scripts into pages. When these pages are accessed by other users, the injected scripts execute, potentially compromising user data and site integrity.",Wordpress,"Free Responsive Testimonials, Social Proof Reviews, And Customer Reviews – Stars Testimonials",6.4,MEDIUM,0.00044999999227002263,false,,false,false,false,,false,false,2024-10-01T07:30:15.356Z,0