5 matches found
EUVD-2021-24771
Malware in sbrugna...
Cross site scripting
The 3D Cover Carousel WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /cover-carousel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...
CVE-2021-38318
CVE-2021-38318 concerns the WordPress plugin “3D Cover Carousel” (versions ≤ 1.0). The vulnerability is a Reflected Cross-Site Scripting (XSS) via the id parameter in ~/cover-carousel.php, enabling injection of arbitrary scripts. Affected component is the plugin’s PHP code handling the id input; ...
3D Cover Carousel <= 1.0 - Reflected Cross-Site Scripting
Description The plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /cover-carousel.php file which allows attackers to inject arbitrary web scripts...
WordPress 3D Cover Carousel plugin <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability
Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress 3D Cover Carousel plugin versions = 1.0. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...