CVE-2023-0660

The Smart Slider 3 WordPress plugin before 3.5.1.14 does not properly validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...

CVE-2023-0660

creationtimestamp| type| source ---|---|--- 2023-03-27 20:49:59+00:00| seen| https://t.me/cibsecurity/60801 2025-02-19 22:21:30+00:00| seen| Telegram/UxZlDcyRQjVq4OAKtjLWsTeB1Dr710Zks3u-uJRCQiMy62j...

CVE-2023-0660

The Smart Slider 3 WordPress plugin is affected by a Stored Cross-Site Scripting (XSS) vulnerability in versions prior to 3.5.1.14. The issue stems from improper validation and escaping of certain shortcode attributes before output in pages/posts where the shortcode is embedded, enabling users wi...

CVE-2023-0660 Smart Slider 3 < 3.5.1.14 - Contributor+ Stored XSS

The Smart Slider 3 WordPress plugin before 3.5.1.14 does not properly validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting...