Stars Testimonials Cross-site Scripting Vulnerability

MEDIUM (6.5) No Patch

Threat Intelligence

Low Risk
EPSS Score: 0.03% chance of exploitation (percentile: 7%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: No public exploits found

What is it?

Stars Testimonials is a WordPress plugin that lets site owners add interactive testimonials displayed in sliders and masonry grids. The vulnerability, found in version 3.3.4 of the plugin, allows an attacker to inject JavaScript into pages the plugin renders, potentially leading to cross-site scripting (XSS) attacks against visitors or administrators who view those pages.

Am I affected?

You're affected if you use Stars Testimonials with Slider and Masonry Grid at any version up to and including 3.3.4 (no lower bound is given).
To check whether your installation is vulnerable, compare the installed plugin version against 3.3.4: open the Plugins screen in the WordPress admin, or with WP-CLI run wp plugin get stars-testimonials-with-slider-and-masonry-grid --field=version, or scan the site with a tool such as WPScan.
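
The version check above can also be scripted for fleets of sites where the admin screen is impractical. The following is an added example, not code from the advisory or from the plugin: it reads the Version field from a standard WordPress plugin header, compares it numerically against the last affected version (3.3.4), and reports whether the install is in scope. The header text embedded below is constructed to stand in for the plugin's main file; the directory scan assumes the header lives in one of the plugin's top-level .php files, as WordPress requires.

```python
import re
import sys
from pathlib import Path
from typing import Optional, Tuple

# Highest affected version named in the advisory: every release up to and
# including this one is in scope.
LAST_AFFECTED_VERSION = "3.3.4"

# Constructed sample of a WordPress plugin header (not the plugin's real file).
SAMPLE_PLUGIN_HEADER = """<?php
/**
 * Plugin Name: Stars Testimonials with Slider and Masonry Grid
 * Description: Constructed sample header used to exercise the version check.
 * Version: 3.3.4
 * Author: (constructed)
 */
"""

# Matches " * Version: 1.2.3" as it appears in a plugin header comment block.
_VERSION_RE = re.compile(r"^\s*\*?\s*Version:\s*(\S+)", re.IGNORECASE | re.MULTILINE)


def parse_plugin_version(header_text: str) -> Optional[str]:
    """Return the Version: value from a WordPress plugin header, or None if absent."""
    match = _VERSION_RE.search(header_text)
    return match.group(1) if match else None


def version_key(version: str) -> Tuple[int, ...]:
    """Turn '3.3.4' into (3, 3, 4) so versions compare numerically, not as strings.

    Non-numeric suffixes such as 'beta1' are treated as 0; missing components
    are padded so '3.3' and '3.3.0' compare equal.
    """
    parts = []
    for piece in version.split("."):
        digits = re.match(r"\d+", piece)
        parts.append(int(digits.group(0)) if digits else 0)
    while len(parts) < 3:
        parts.append(0)
    return tuple(parts)


def is_affected(version: str, last_affected: str = LAST_AFFECTED_VERSION) -> bool:
    """True when the installed version is at or below the last affected release."""
    return version_key(version) <= version_key(last_affected)


def check_plugin_dir(plugin_dir: str) -> Optional[Tuple[str, bool]]:
    """Scan the plugin directory's top-level .php files for a header.

    Returns (version, affected) for the first file carrying a Version: field,
    or None when no header is found (e.g. the plugin is not installed).
    """
    for php_file in sorted(Path(plugin_dir).glob("*.php")):
        # Plugin headers sit at the top of the file; 8 KiB is ample.
        head = php_file.read_text(errors="replace")[:8192]
        version = parse_plugin_version(head)
        if version is not None:
            return version, is_affected(version)
    return None


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python check_stars_testimonials.py /path/to/wp-content/plugins/<slug>
        result = check_plugin_dir(sys.argv[1])
        if result is None:
            print("no plugin header found")
        else:
            found, affected = result
            print(f"installed {found}: {'AFFECTED' if affected else 'not affected'}")
    else:
        found = parse_plugin_version(SAMPLE_PLUGIN_HEADER)
        print(f"sample header {found}: {'AFFECTED' if is_affected(found) else 'not affected'}")
```

Comparing version strings lexically would misjudge a hypothetical 3.10.0 as older than 3.3.4; converting each component to an integer avoids that, which is why version_key exists rather than a plain string comparison.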

Affected Products

WordPress.org / Stars Testimonials with Slider and Masonry Grid

How to fix

No public patch link found in the advisory. Contact the vendor directly for remediation guidance.