axelerant CVE Vulnerabilities & Metrics

About axelerant Security Exposure

This page consolidates all known Common Vulnerabilities and Exposures (CVEs) associated with axelerant. We track both calendar-based metrics (using fixed periods) and rolling metrics (using gliding windows) to give you a comprehensive view of security trends and risk evolution. Use these insights to assess risk and plan your patching strategy.

For a broader perspective on cybersecurity threats, explore the comprehensive list of CVEs by vendor and product. Stay updated on critical vulnerabilities affecting major software and hardware providers.

Critical axelerant CVEs (CVSS ≥ 9) Over 20 Years

Top 5 Highest CVSS axelerant CVEs

These are the five CVEs with the highest CVSS scores for axelerant, sorted by severity first and recency.

• CVE-2021-24136 axelerant Published on 18 Mar 2021, 15:15 UTC (CVSS: 3.5)
  Unvalidated input and lack of output encoding in the Testimonials Widget WordPress plugin, versions before 4.0.0, lead to multiple Cross-Site Scripting vulnerabilities, allowing remote attackers to inject arbitrary JavaScript code or HTML via the below parameters: - Author - Job Title - Location - Company - Email - URL
• CVE-2024-37553 axelerant Published on 06 Jul 2024, 16:15 UTC (CVSS: 0)
  Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Axelerant Testimonials Widget allows Stored XSS.This issue affects Testimonials Widget: from n/a through 4.0.4.
• CVE-2024-4705 axelerant Published on 06 Jun 2024, 02:15 UTC (CVSS: 0)
  The Testimonials Widget plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's testimonials shortcode in all versions up to, and including, 4.0.4 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers, with contributor-level access and above, to inject arbitrary web scripts in pages t...

All CVEs for axelerant