Hnwmn

**Name of the Vulnerable Software and Affected Versions** Stark Digital WP Testimonial Widget versions n/a through 3.1 **Description** The issue is related to an Improper Neutralization of Special Elements used in an SQL Command, also known as 'SQL Injection'. This allows for potential exploitation. **Recommendations** For versions n/a through 3.1, update to a version that fixes the SQL Injection vulnerability. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Stark Digital WP Testimonial Widget versions prior to 3.1 **Description** The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting (XSS), which allows Stored XSS. This means that an attacker can inject malicious scripts into the website, potentially affecting users who visit the site. **Recommendations** For versions prior to 3.1, update to a version that includes the fix for this issue to prevent Stored XSS attacks. As a temporary workaround, consider restricting user input to prevent malicious scripts from being injected into the website.