4 matches found
CVE-2022-4791
The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4791
The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4791 Product Slider and Carousel with Category for WooCommerce < 2.8 - Contributor+ Stored XSS via Shortcode
The Product Slider and Carousel with Category for WooCommerce WordPress plugin before 2.8 does not validate and escape one of its shortcode attributes, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attack...
CVE-2022-4791
The CVE-2022-4791 issue affects the WordPress plugin “Product Slider and Carousel with Category for WooCommerce” (versions before 2.8). Root cause: failure to validate and escape a shortcode attribute, enabling Stored XSS by users with as low as Contributor. Impact: stored cross-site scripting vu...