1230 matches found
CVE-2026-1275
CVE-2026-1275 concerns the WordPress plugin Multi Post Carousel by Category and its vulnerability to a Stored Cross-Site Scripting (XSS) via the slides shortcode attribute in all versions up to 1.4. The root cause is insufficient input sanitization and output escaping in the function handling the...
PT-2026-26803
The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...
CVE-2026-27361
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.1...
EUVD-2026-9623
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.1...
CVE-2026-27361
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.1...
CVE-2026-27361
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.1...
CVE-2026-27361 WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.1...
CVE-2026-27361
CVE-2026-27361 is a missing/broken authorization vulnerability in the WordPress plugin Responsive Posts Carousel Pro (versions up to 15.1). Public data indicates an exploitable misconfiguration of access control, allowing unauthorized access to protected functionality or data. The CVSSv3.1 base s...
CVE-2026-27361 WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Broken Access Control vulnerability
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.1...
PT-2026-23244
Missing Authorization vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Responsive Posts Carousel Pro: from n/a through = 15.1...
WordPress plugin Responsive Posts Carousel Pro 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...
WordPress Responsive Posts Carousel Pro plugin <= 15.1 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Responsive Posts Carousel Pro versions = 15.1...
CVE-2026-1988
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...
CVE-2026-1988
The Flexi Product Slider and Grid for WooCommerce plugin for WordPress is vulnerable to Local File Inclusion in all versions up to, and including, 1.0.5 via the flexipsgcarousel shortcode. This is due to the theme parameter being directly concatenated into a file path without proper sanitization ...
Malicious code in react-responsive-carousel-v4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 544d7ca19589218beb2b384a9e4e1ce7f64b130015ea62978f81adc7c6be5934 The package react-responsive-carousel-v4 was found to contain malicious code. Source: ghsa-malware...
MAL-2026-684 Malicious code in react-responsive-carousel-v4 (npm)
--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 544d7ca19589218beb2b384a9e4e1ce7f64b130015ea62978f81adc7c6be5934 The package react-responsive-carousel-v4 was found to contain malicious code. Source: ghsa-malware...
WordPress Elementor Addons by Livemesh plugin <= 8.3.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Posts Carousel Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Posts Carousel Widget vulnerability discovered by RandomRoot in WordPress Plugin Livemesh Addons for Elementor versions = 8.3.4...
WordPress Testimonial Carousel For Elementor plugin <= 10.1.1 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by stealthcopter in WordPress Plugin Testimonial Carousel For Elementor versions = 10.1.1...
WordPress Tutor LMS Elementor Addons plugin <= 2.1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Course Carousel Widget vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Course Carousel Widget vulnerability discovered by wesley wcraft in WordPress Plugin Tutor LMS Elementor Addons versions = 2.1.4...
CVE-2026-22388
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Owl Carousel WP owl-carousel-wp allows Stored XSS.This issue affects Owl Carousel WP: from n/a through = 2.2.2...