Browse all 3 CVE security advisories affecting Trustindex.io. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Trustindex.io operates as a customer review platform that enables businesses to collect and display user feedback on their websites. Historically, the service has been susceptible to common web vulnerabilities including cross-site scripting (XSS) and remote code execution (RCE), with three CVEs documented to date. These vulnerabilities typically stem from improper input validation and insufficient access controls. While no major security incidents have been widely reported, the presence of multiple CVEs indicates potential risks for businesses relying on the platform for customer engagement. Organizations implementing Trustindex.io should ensure proper security hardening and monitoring to mitigate these known weaknesses.
| CVE ID | Title | CVSS | Severity | Published |
|---|---|---|---|---|
| CVE-2024-25924 | WordPress WP Testimonials plugin <= 1.4.3 - Auth. SQL Injection vulnerability — WP TestimonialsCWE-89 | 7.6 | High | 2024-03-28 |
| CVE-2023-48275 | WordPress Widgets for Google Reviews plugin <= 11.0.2 - Arbitrary File Upload vulnerability — Widgets for Google ReviewsCWE-434 | 8.0 | High | 2024-03-26 |
| CVE-2023-2830 | WordPress WP Testimonials Plugin <= 1.4.2 is vulnerable to Cross Site Request Forgery (CSRF) — WP TestimonialsCWE-352 | 5.4 | Medium | 2023-10-03 |
This page lists every published CVE security advisory associated with Trustindex.io. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.