• Love your plugin and have been using it for a few years. Recently, in the past week, iThemes Security has been giving me warnings about the Testimonial Widget as follows:

    Known Vulnerabilities
    Testimonials Widget <= 3.5.1 – Multiple Authenticated Stored (XSS)

    A link to the vulnerability report is below.

    iThemes Vulnerability Report

    I know the last update to the plugin was 7 months ago, but are there issues as indicated in the report?

Viewing 12 replies - 1 through 12 (of 12 total)
  • I am also getting the same warnings from iThemes Security.

    Same here. Do you have an ETA on a fix, or should we consider switching to an alternative plugin? I would prefer to stick with this plugin as we have implemented and customized it on dozens upon dozens of sites. Thank you!!

    Thread Starter johnhaddad

    (@johnhaddad)

    I only had this plugin on one site. I was tired of getting the security issues every day, so I decided to switch to the plugin Strong Testimonials.

    I had to copy and paste the 33 testimonials I had in the old widget, but it gave me peace of mind since the Testimonials Widget hasn’t been updated in 7 months and I wasn’t sure when we would receive a response.

    Thanks for the info, John! I was wondering if it would be possible to import testimonials into a new plugin rather than having to manually transfer them. It would be a huge amount of work if we had to manually transfer everything for all of our sites.

    Thread Starter johnhaddad

    (@johnhaddad)

    michaelsandmichaels,

    I tried to look for this, but the Testimonials widget and the Strong Testimonials plugin don’t have import and export functions. You may be able to use the WordPress export and import in the Tools section, but the format is XML. If you are able to figure out the proper XML format for importing into the new plugin, that may help if you are a bit more technical.

    If you are doing this, I would add a new testimonial or two to the new plugin, then export the XML file to see the format. Do the same for the old testimonials you already have. Then change the XML file for the old testimonials to match the fields of the new testimonial XML, then import. Only way I can see doing this.

    Oh snap – it doesn’t bode well to have no reply in 3 days…

    John, thank you for the detailed recommendations! I will look into that option if this goes on much longer without a response from the developer.

    I forgot to mention that we are using Strong Testimonials on some of our newer sites, so I do like that plugin as an alternative if the need arises.

    Plugin Author saurabhd

    (@saurabhd)

    I have released the 4.0.1 version of the plugin which should fix the issue you mentioned above. Please update the plugin to the latest version and let me know your feedback.

    Also, don’t forget to read the plugin changelog, as this is a major release and we have released the Testimonials Widget Premium plugin as part of WordPress Plugin contribution so that everyone can benefit from all of its features.

    Whew and thanks for taking care of this issue!!

    Whew indeed – my updates are looking good so far. Thanks

    Just a heads-up to those who update—the Play/Pause and Next/Prev buttons are enabled automatically after update, so you’ll need to manually uncheck those if you don’t want them visible.

  • The topic ‘Cross Site Scripting issues?’ is closed to new replies.