Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cvelistWPScanCVELIST:CVE-2021-24729
HistoryNov 23, 2021 - 7:16 p.m.

CVE-2021-24729 Logo Showcase with Slick Slider < 1.2.4 - Author+ Stored Cross Site Scripting

2021-11-2319:16:10
CWE-79
WPScan
www.cve.org
2
cve-2021-24729
logo showcase
slick slider
wordpress plugin
cross-site scripting

EPSS

0.001

Percentile

24.8%

JSON

The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase.

CNA Affected

[
  {
    "product": "Logo Showcase with Slick Slider – Logo Carousel, Logo Slider & Logo Grid",
    "vendor": "Unknown",
    "versions": [
      {
        "lessThan": "1.2.4",
        "status": "affected",
        "version": "1.2.4",
        "versionType": "custom"
      }
    ]
  }
]

Related

prion 1
nvd 1
wpexploit 1
wpvulndb 1
patchstack 1
cve 1
prion
prion
Cross site scripting
2021-11-23 20:15:00
nvd
nvd
CVE-2021-24729
2021-11-23 20:15:09
wpexploit
wpexploit
Logo Showcase with Slick Slider < 1.2.4 - Author+ Stored Cross Site Scripting
2021-10-19 00:00:00
wpvulndb
wpvulndb
Logo Showcase with Slick Slider < 1.2.4 - Author+ Stored Cross Site Scripting
2021-10-19 00:00:00
patchstack
patchstack
WordPress Logo Showcase with Slick Slider plugin <= 1.2.3 - Stored Cross-Site Scripting (XSS) vulnerability
2021-10-19 00:00:00
cve
cve
CVE-2021-24729
2021-11-23 20:15:09

EPSS

0.001

Percentile

24.8%

JSON
Related for CVELIST:CVE-2021-24729
prion1nvd1wpexploit1wpvulndb1patchstack1cve1