CVE-2021-36851

Name of the Vulnerable Software and Affected Versions Web-Settler Testimonial Slider – Free Testimonials Slider Plugin (affected versions not specified)

Description The issue is related to an Authenticated Cross-Site Scripting (XSS) vulnerability. It can be exploited via parameters mpsp posts bg color, mpsp posts description color, mpsp slide nav button color. This vulnerability requires an authenticated user with an editor or higher user role.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.