1230 matches found
PT-2026-4214
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Owl Carousel WP owl-carousel-wp allows Stored XSS.This issue affects Owl Carousel WP: from n/a through = 2.2.2...
PT-2026-3967
Name of the Vulnerable Software and Affected Versions Magic Responsive Slider and Carousel WordPress versions prior to 1.6 Description The software contains a flaw due to improper neutralization of input during web page generation, which allows for Reflected Cross-site Scripting XSS. This means a...
CVE-2023-50100
JFinalcms 5.0.0 is vulnerable to Cross Site Scripting XSS via carousel image editing...
CVE-2018-18931
An issue was discovered in the Tightrope Media Carousel digital signage product 7.0.4.104. Due to insecure default permissions on the C:\TRMS\Services directory, an attacker who has gained access to the system can elevate their privileges from a restricted account to full SYSTEM by replacing the...
CVE-2023-25457
Missing Authorization vulnerability in Richteam Slider Carousel – Responsive Image Slider.This issue affects Slider Carousel – Responsive Image Slider: from n/a through 1.5.1...
CVE-2025-23933
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in wpfreeware WpF Ultimate Carousel wpf-ultimate-carousel allows Stored XSS.This issue affects WpF Ultimate Carousel: from n/a through = 1.0.11...
CVE-2025-23977
Cross-Site Request Forgery CSRF vulnerability in Bhaskar Dhote Post Carousel Slider post-carousel-slider allows Stored XSS.This issue affects Post Carousel Slider: from n/a through = 2.0.1...
WordPress Magic Responsive Slider and Carousel WordPress plugin <= 1.6 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Magic Responsive Slider and Carousel WordPress versions = 1.6...
CVE-2024-2650
The Essential Addons for Elementor – Best Elementor Templates, Widgets, Kits & WooCommerce Builders plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the alignment parameter in the Woo Product Carousel widget in all versions up to, and including, 5.9.10 due to insufficient inp...
CVE-2024-2121
The Elementor Website Builder Pro plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Media Carousel widget in all versions up to, and including, 3.20.1 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible fo...
CVE-2025-11370
CVE-2025-11370 concerns the Depicter — Popup & Slider Builder plugin for WordPress (versions up to 4.0.7). The vulnerability arises from a missing capability check in RulesAjaxController::store, enabling unauthenticated users to modify popup display settings. Wordfence’s vulnerability entry (and ...
CVE-2025-62121
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...
WordPress Owl Carousel WP plugin <= 2.2.2 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by NumeX in WordPress Plugin Owl Carousel WP versions = 2.2.2...
CVE-2025-62121
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...
CVE-2025-62121 WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...
CVE-2025-62121 WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through 1.8.1...
EUVD-2025-205963
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through 1.8.1...
CVE-2025-62121
CVE-2025-62121 is described as a Stored XSS in the WordPress plugins under the Logo Slider/Carousel/Showcase family (Logo Slider, Logo Carousel, Logo showcase, Client Logo: tc-logo-slider). The vulnerability is due to improper neutralization of input during web page generation, allowing stored cr...
WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Logo Slider , Logo Carousel , Logo showcase , Client Logo versions = 1.8.1...
CVE-2025-68996
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...