Stored XSS in Strong Testimonials Plugin for WordPress (before version 2.40.1) allows session token theft and other malicious actions.

Stored XSS in Strong Testimonials Plugin for WordPress (before version 2.40.1) allows session token theft and other malicious actions.

CVE-2020-8549 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N

Stored XSS in the Strong Testimonials plugin before 2.40.1 for WordPress can result in an attacker performing malicious actions such as stealing session tokens.

Learn more about our Wordpress Pen Testing.