Lucene search
K

1230 matches found

Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-4214

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Owl Carousel WP owl-carousel-wp allows Stored XSS.This issue affects Owl Carousel WP: from n/a through = 2.2.2...

5.4AI score0.00218EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.7 views

PT-2026-3967

Name of the Vulnerable Software and Affected Versions Magic Responsive Slider and Carousel WordPress versions prior to 1.6 Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting XSS. This means a...

5.5AI score0.00237EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2026/01/09 12:38 p.m.7 views

CVE-2023-50100

JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via carousel image editing...

5.4CVSS6AI score0.00444EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 12:10 p.m.8 views

CVE-2018-18931

An issue was discovered in the Tightrope Media Carousel digital signage product 7.0.4.104. Due to insecure default permissions on the C:\TRMS\Services directory, an attacker who has gained access to the system can elevate their privileges from a restricted account to full SYSTEM by replacing the...

9CVSS7.3AI score0.01631EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:31 a.m.9 views

CVE-2023-25457

Missing Authorization vulnerability in Richteam Slider Carousel – Responsive Image Slider.This issue affects Slider Carousel – Responsive Image Slider: from n/a through 1.5.1...

5.3CVSS8.6AI score0.0049EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 9:17 a.m.8 views

CVE-2025-23933

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpfreeware WpF Ultimate Carousel wpf-ultimate-carousel allows Stored XSS.This issue affects WpF Ultimate Carousel: from n/a through = 1.0.11...

6.5CVSS7.2AI score0.0022EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 8:48 a.m.5 views

CVE-2025-23977

Cross-Site Request Forgery CSRF vulnerability in Bhaskar Dhote Post Carousel Slider post-carousel-slider allows Stored XSS.This issue affects Post Carousel Slider: from n/a through = 2.0.1...

7.1CVSS7.2AI score0.00129EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/08 1:18 p.m.8 views

WordPress Magic Responsive Slider and Carousel WordPress plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Magic Responsive Slider and Carousel WordPress versions = 1.6...

6.1CVSS6.1AI score0.00237EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.20 views

CVE-2024-2650

The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the alignment parameter in the Woo Product Carousel widget in all versions up to, and including, 5.9.10 due to insufficient inp...

6.4CVSS5.8AI score0.00356EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/07 9:14 a.m.10 views

CVE-2024-2121

The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...

5.4CVSS5.8AI score0.0034EPSS
Exploits0References1
CVE
CVE
added 2026/01/06 3:21 a.m.29 views

CVE-2025-11370

CVE-2025-11370 concerns the Depicter — Popup & Slider Builder plugin for WordPress (versions up to 4.0.7). The vulnerability arises from a missing capability check in RulesAjaxController::store, enabling unauthenticated users to modify popup display settings. Wordfence’s vulnerability entry (and ...

5.3CVSS5AI score0.00235EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/01/01 2:18 p.m.4 views

CVE-2025-62121

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...

5.9CVSS5.9AI score0.00182EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/01 2:5 p.m.13 views

WordPress Owl Carousel WP plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by NumeX in WordPress Plugin Owl Carousel WP versions = 2.2.2...

5.9CVSS6.1AI score0.00218EPSS
Exploits0Affected Software1
NVD
NVD
added 2025/12/31 2:15 p.m.5 views

CVE-2025-62121

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...

5.9CVSS0.00182EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/12/31 1:39 p.m.24 views

CVE-2025-62121 WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...

5.9CVSS0.00182EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/12/31 1:39 p.m.4 views

CVE-2025-62121 WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through 1.8.1...

5.9CVSS5.6AI score0.00182EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/31 1:39 p.m.4 views

EUVD-2025-205963

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through 1.8.1...

5.9CVSS5.5AI score0.00182EPSS
Exploits0References2
CVE
CVE
added 2025/12/31 1:39 p.m.12 views

CVE-2025-62121

CVE-2025-62121 is described as a Stored XSS in the WordPress plugins under the Logo Slider/Carousel/Showcase family (Logo Slider, Logo Carousel, Logo showcase, Client Logo: tc-logo-slider). The vulnerability is due to improper neutralization of input during web page generation, allowing stored cr...

5.9CVSS5.9AI score0.00182EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/12/31 1:38 p.m.5 views

WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Logo Slider , Logo Carousel , Logo showcase , Client Logo versions = 1.8.1...

5.9CVSS5.9AI score0.00182EPSS
Exploits0Affected Software1
RedhatCVE
RedhatCVE
added 2025/12/31 11:5 a.m.3 views

CVE-2025-68996

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

7.5CVSS7.1AI score0.00378EPSS
Exploits0References1
Rows per page
Query Builder