CVE-2026-28112 WordPress AllInOne - Banner Rotator plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

CVE-2026-28112

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

PT-2026-23385

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup AllInOne - Banner Rotator all-in-one-bannerRotator allows Reflected XSS.This issue affects AllInOne - Banner Rotator: from n/a through = 3.8...

WordPress AllInOne - Banner Rotator plugin <= 3.8 - Reflected Cross Site Scripting (XSS) vulnerability

WordPress AllInOne - Banner Rotator plugin = 3.8 - Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin AllInOne - Banner Rotator versions = 3.8...

WordPress AllInOne - Banner Rotator Plugin <= 3.8 - SQL Injection Vulnerability

WordPress AllInOne - Banner Rotator Plugin = 3.8 - SQL Injection Vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin AllInOne - Banner Rotator versions = 3.8...

CVE-2025-60110

CVE-2025-60110 — LambertGroup AllInOne - Banner Rotator suffers SQL Injection due to improper neutralization of input. Affected: AllInOne - Banner Rotator