N/A
2026-04-07< 3.2.22
Strong Testimonials <= 3.2.21 - Authenticated (Contributor+) Stored Cross-Site Scripting via testimonial_view Shortcode
Strong Testimonials
Minimum safe version
3.2.22
Update to 3.2.22 or later to address 19 fixable vulnerabilities
Latest available3.2.22 ✓
Medium 6.5
2026-02-03< 3.2.21
CVE-2026-24957
Medium 4.3
2025-12-30< 3.2.19
CVE-2025-14426
Medium 4.3
2025-11-06< 3.2.17
CVE-2025-11268
Medium 6.4
2025-07-15< 3.2.12
Strong Testimonials <= 3.2.11 - Authenticated (Author+) Stored Cross-Site Scripting via Custom Fields
Medium 5.3
2025-02-25< 3.2.4
CVE-2025-26975
Medium 4.3
2024-11-01< 3.1.17
CVE-2024-47362
Medium 4.3
2024-06-07< 3.1.13
CVE-2023-6491
Medium 4.8
2024-04-24< 3.1.12
CVE-2024-3261
Medium 4.3
2024-12-28< 3.1.11
WordPress Strong Testimonials Plugin <= 3.1.10 is vulnerable to Cross Site Request Forgery (CSRF)
N/A
< 2.51.3
Strong Testimonials < 2.51.3 - Unauthorised AJAX Call
N/A
< 2.31.5
Strong Testimonials <= 2.31.4 - Multiple Authenticated Cross-Site Scripting (XSS)
Medium 6.5
2023-06-16< 3.0.3
CVE-2023-26013
Medium 5.4
2023-02-06< 3.0.3
CVE-2022-4717
N/A
2018-07-24< 2.31.5
Strong Testimonials <= 2.31.4 - Reflected Cross-Site Scripting
N/A
2021-06-30< 2.51.3
Strong Testimonials <= 2.51.2 - Authorization Bypass
N/A
2018-08-09< 2.31.5
WordPress Strong Testimonials plugin <= 2.31.4 - Multiple Authenticated Cross-Site Scripting (XSS) vulnerabilities
N/A
2020-02-01< 2.40.1
WordPress Strong Testimonials plugin <= 2.40.0 - Stored Cross Site Scripting (XSS) vulnerability
Medium 6.1
2020-02-03< 2.40.1
CVE-2020-8549