Lucene search
K

1230 matches found

Patchstack
Patchstack
added 2025/12/23 11:49 a.m.5 views

WordPress Responsive Posts Carousel Pro plugin <= 15.2 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Responsive Posts Carousel Pro versions = 15.2...

6.5CVSS5.9AI score0.00133EPSS
Exploits0Affected Software1
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.7 views

PT-2025-52748

Name of the Vulnerable Software and Affected Versions Responsive Posts Carousel Pro versions through 15.2 Description An issue exists in WebCodingPlace Responsive Posts Carousel Pro that allows for Stored Cross-site Scripting XSS. This occurs due to improper neutralization of input during web pag...

6.5CVSS6.1AI score0.00133EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/23 12:0 a.m.4 views

WordPress plugin Responsive Posts Carousel Pro 跨站脚本漏洞

...

6.5CVSS5.8AI score0.00133EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/11/06 7:17 a.m.2 views

CVE-2025-12388

The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.1.5. This is due to the plugin not validating user-supplied URLs before passing them to the wpremoterequest function. This makes it...

6.4CVSS5.7AI score0.00192EPSS
Exploits0References1
NVD
NVD
added 2025/11/05 7:15 a.m.3 views

CVE-2025-12388

The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.1.5. This is due to the plugin not validating user-supplied URLs before passing them to the wpremoterequest function. This makes it...

6.4CVSS0.00192EPSS
Exploits0References3
CVE
CVE
added 2025/11/05 6:35 a.m.12 views

CVE-2025-12388

The CVE-2025-12388 entry concerns the WordPress plugin “B Carousel Block – Responsive Image and Content Carousel” (versions up to and including 1.1.5). The connected sources corroborate a Server-Side Request Forgery (SSRF) vulnerability caused by failure to validate user-supplied URLs before pass...

6.4CVSS5.3AI score0.00192EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/11/05 6:35 a.m.3 views

CVE-2025-12388 B Carousel Block – Responsive Image and Content Carousel <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery

The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.1.5. This is due to the plugin not validating user-supplied URLs before passing them to the wpremoterequest function. This makes it...

6.4CVSS5.3AI score0.00192EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/11/05 6:35 a.m.5 views

CVE-2025-12388 B Carousel Block – Responsive Image and Content Carousel <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery

The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is vulnerable to Server-Side Request Forgery in versions up to, and including, 1.1.5. This is due to the plugin not validating user-supplied URLs before passing them to the wpremoterequest function. This makes it...

6.4CVSS0.00192EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/11/05 1:26 a.m.5 views

WordPress B Carousel Block plugin <= 1.1.5 - Missing Authorization to Authenticated (Subscriber+) Server-Side Request Forgery vulnerability

Missing Authorization to Authenticated Subscriber+ Server-Side Request Forgery vulnerability discovered by Sushi Com Abacate in WordPress Plugin B Carousel Block versions = 1.1.5...

6.4CVSS6.7AI score0.00192EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2025/11/05 12:0 a.m.2 views

WordPress plugin B Carousel Block – Responsive Image and Content Carousel 代码问题漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin B...

6.4CVSS6.7AI score0.00192EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/11/05 12:0 a.m.2 views

PT-2025-45090

Name of the Vulnerable Software and Affected Versions B Carousel Block – Responsive Image and Content Carousel versions up to and including 1.1.5 Description The B Carousel Block – Responsive Image and Content Carousel plugin for WordPress is susceptible to Server-Side Request Forgery. The issue...

6.4CVSS6.1AI score0.00192EPSS
Exploits0References6
OSV
OSV
added 2025/10/30 5:38 p.m.3 views

MAL-2025-49180 Malicious code in epic-react-carousel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dda6f7b41ec3fd32c4f9caa1846773d83aeef02ec9f72babd312048351b6211c The package epic-react-carousel was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/10/30 5:38 p.m.6 views

Malicious code in epic-react-carousel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector dda6f7b41ec3fd32c4f9caa1846773d83aeef02ec9f72babd312048351b6211c The package epic-react-carousel was found to contain malicious code...

7AI score
Exploits0
EUVD
EUVD
added 2025/10/30 5:38 p.m.5 views

EUVD-2025-37113

Malicious code in epic-react-carousel npm...

6.6AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/10/27 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2025-11717

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - When switching between Android apps using the card carousel Firefox shows a black screen as its card image when a password-related screen was the last one being...

9.1CVSS5.8AI score0.00244EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2025/10/26 6:36 a.m.14 views

CVE-2025-8666

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions less than, or equal to, 11.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.3AI score0.00227EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/10/26 12:0 a.m.4 views

WordPress plugin Testimonial Carousel For Elementor 安全漏洞

WordPress and the WordPress plugin are products of the WordPress Foundation, a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerability exists in...

6.4CVSS5.7AI score0.00227EPSS
Exploits0References1
NVD
NVD
added 2025/10/25 6:15 a.m.3 views

CVE-2025-8666

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions less than, or equal to, 11.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00227EPSS
Exploits0References6
CVE
CVE
added 2025/10/25 5:31 a.m.21 views

CVE-2025-8666

CVE-2025-8666 concerns the WordPress plugin Testimonial Carousel For Elementor (versions ≤ 11.6.2). The stored XSS vulnerability arises from insufficient input sanitization and output escaping across multiple parameters, enabling an attacker with Contributor-level access or higher to inject scrip...

6.4CVSS5AI score0.00227EPSS
Exploits0References6
Cvelist
Cvelist
added 2025/10/25 5:31 a.m.9 views

CVE-2025-8666 Testimonial Carousel For Elementor <= 11.6.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via Multiple Widgets

The Testimonial Carousel For Elementor plugin for WordPress is vulnerable to Stored Cross-Site Scripting via multiple parameters in versions less than, or equal to, 11.6.2 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00227EPSS
Exploits0References6
Rows per page
Query Builder