Lucene search
K

63 matches found

Vulnrichment
Vulnrichment
added 2024/02/10 7:53 a.m.20 views

CVE-2024-24801 WordPress OWL Carousel Plugin <= 1.4.0 is vulnerable to Cross Site Scripting (XSS)

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LogicHunt OWL Carousel – WordPress Owl Carousel Slider allows Stored XSS.This issue affects OWL Carousel – WordPress Owl Carousel Slider: from n/a through 1.4.0...

6.5CVSS6.5AI score0.00333EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/01/08 12:0 a.m.7 views

WordPress Plugin CPT Bootstrap Carousel Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability...

7.1CVSS6.5AI score0.0033EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2023/10/30 12:0 a.m.6 views

PT-2023-32070 · WordPress · Carousel

Name of the Vulnerable Software and Affected Versions: The Carousel, Recent Post Slider and Banner Slider plugin for WordPress versions up to, and including, 2.0 Description: The issue is related to Stored Cross-Site Scripting via the spice post slider shortcode due to insufficient input...

6.4CVSS5.3AI score0.00519EPSS
Exploits1References8
CVE
CVE
added 2023/10/16 10:29 a.m.45 views

CVE-2023-44229

CVE-2023-44229 concerns the Tiny Carousel Horizontal Slider WordPress plugin. The vulnerability is an authenticated (admin+) Stored Cross-Site Scripting (XSS) flaw in versions

5.9CVSS5.1AI score0.00335EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/08/08 12:15 p.m.6 views

CVE-2023-23829

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pierre JEHAN Owl Carousel plugin = 0.5.3 versions...

4.8CVSS5.8AI score0.00355EPSS
Exploits0References1
NVD
NVD
added 2023/08/08 12:15 p.m.17 views

CVE-2023-23829

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Pierre JEHAN Owl Carousel plugin = 0.5.3 versions...

6.5CVSS5.8AI score0.00355EPSS
Exploits0References1
CVE
CVE
added 2023/08/08 11:35 a.m.141 views

CVE-2023-23829

CVE-2023-23829 affects the Owl Carousel WordPress plugin versions ≤ 0.5.3. It is a Stored Cross-Site Scripting (XSS) vulnerability that requires Admin+ privileges. Patch status indicates the flaw is Unpatched; the recommended remediation is to update to a version higher than 0.5.3 (if available)....

6.5CVSS5.2AI score0.00355EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/06/22 12:15 p.m.1 views

CVE-2023-28776

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin = 1.0.15 versions...

6.1CVSS5.8AI score0.00382EPSS
Exploits0References1
NVD
NVD
added 2023/05/03 3:15 p.m.18 views

CVE-2023-23808

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sergey Panasenko Sponsors Carousel plugin = 4.02 versions...

5.9CVSS5.4AI score0.00369EPSS
Exploits0References1
OSV
OSV
added 2023/05/03 3:15 p.m.4 views

CVE-2023-23808

Auth. admin+ Stored Cross-Site Scripting XSS vulnerability in Sergey Panasenko Sponsors Carousel plugin = 4.02 versions...

4.8CVSS6.6AI score0.00369EPSS
Exploits0References1
CVE
CVE
added 2023/05/03 2:31 p.m.37 views

CVE-2023-23808

CVE-2023-23808 affects the WordPress Sponsors Carousel plugin for versions prior to or equal to 4.02. The issue is an Authenticated (admin+) Stored Cross-Site Scripting (XSS) vulnerability in the Sponsors Carousel plugin, with the root cause described as stored XSS. The available sources indicate...

5.9CVSS4.9AI score0.00369EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/04/07 3:15 p.m.2 views

CVE-2023-28792

Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin = 1.0.15 versions...

6.1CVSS6.8AI score0.00382EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/01/30 12:0 a.m.6 views

WordPress plugin CPT Bootstrap Carousel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting vulnerabilit...

5.4CVSS5.4AI score0.00534EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/01/30 12:0 a.m.5 views

PT-2023-16011 · WordPress · Post Grid

Name of the Vulnerable Software and Affected Versions: The Post Grid, Post Carousel, & List Category Posts WordPress plugin versions prior to 2.4.19 Description: The issue concerns a lack of validation and escaping of certain block options in the plugin, which could allow users with the contribut...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References4
Positive Technologies
Positive Technologies
added 2023/01/16 12:0 a.m.6 views

PT-2023-14557 · WordPress · Carousel

Name of the Vulnerable Software and Affected Versions: The Carousel, Slider, Gallery by WP Carousel WordPress plugin versions prior to 2.5.3 Description: The issue allows users with a role as low as contributor to perform Stored Cross-Site Scripting attacks, which could be used against high...

5.4CVSS6.2AI score0.00471EPSS
Exploits2References5
vulnersOsv
vulnersOsv
added 2022/09/16 12:0 a.m.4 views

@basket/get (>=1.1.0 <=1.2.2), @bitovi/incremental (>=1.0.0 <=1.0.2) +50 more potentially affected by CVE-2022-37257 via steal (>=0.12.9 <=2.3.0)

steal NPM version =0.12.9, =1.1.0, =1.0.0, =1.0.0, =0.0.0, =0.1.0, =0.1.0, =0.0.1, =0.0.1-0, =0.3.0, =1.0.0, =0.4.0, =0.7.3 and more Source cves: CVE-2022-37257 Source advisory: OSV:GHSA-93Q5-3XPC-8VG3...

9.8CVSS7.2AI score0.01109EPSS
Exploits0
CNNVD
CNNVD
added 2022/06/13 12:0 a.m.4 views

WordPress plugin Carousel CK 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. WordPress plugin is an application plugin. WordPress Carousel CK plugin 1.1.0 and earlier versions have a cross-site scripting vulnerability tha...

4.8CVSS5.4AI score0.00565EPSS
Exploits2References2
OSV
OSV
added 2021/12/21 9:15 a.m.5 views

CVE-2021-24738

The Logo Carousel WordPress plugin before 3.4.2 does not validate and escape the "Logo Margin" carousel option, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS5.8AI score
Exploits0References1
OSV
OSV
added 2021/12/21 9:15 a.m.5 views

CVE-2021-24739

The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature...

8.1CVSS5.9AI score0.01006EPSS
Exploits2References1
CNNVD
CNNVD
added 2021/12/21 12:0 a.m.2 views

WordPress 插件授权问题漏洞

WordPress is the Wordpress Foundation's set of blogging platforms developed using the PHP language. The platform supports the hosting of personal blogging sites on servers with PHP and MySQL. WordPress Logo Carousel plugin is vulnerable to authorization issues in versions prior to 3.4.2. The...

8.1CVSS5.9AI score0.01006EPSS
Exploits2References2
Rows per page
Query Builder