4 matches found
CVE-2021-24729
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase...
CVE-2021-24729
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase...
CVE-2021-24729 Logo Showcase with Slick Slider < 1.2.4 - Author+ Stored Cross Site Scripting
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase...
CVE-2021-24729
CVE-2021-24729 concerns the WordPress plugin “Logo Showcase with Slick Slider” (versions before 1.2.4). The vulnerability is a failure to sanitize Grid Settings, enabling stored Cross-Site Scripting via post metadata and allowing unaffiliated authors or users with low privileges to inject script....