1230 matches found
CVE-2025-58820
CVE-2025-58820 affects the WordPress plugin Themepoints Carousel Ultimate (versions up to 1.8). It is a Stored XSS due to improper input neutralization during web page generation. The vulnerability is documented with a Medium severity (CVSS 3.1 base 5.9) and currently listed as Unpatched; no expl...
CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...
CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...
CVE-2025-58816 WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor ecommerce-product-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Carousel Slider for Elementor: from n/a through = 2.1.3...
CVE-2025-58816 WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability
Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor ecommerce-product-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Carousel Slider for Elementor: from n/a through = 2.1.3...
CVE-2025-58816
CVE-2025-58816 concerns WordPress Product Carousel Slider for Elementor (Plugin Devs). Affected versions are 2.1.3 when available.
WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability
Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Carousel Ultimate versions = 1.8...
WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability
Broken Access Control Vulnerability discovered by Peter Thaleikis in WordPress Plugin Product Carousel Slider for Elementor versions = 2.1.3...
WordPress plugin Product Carousel Slider for Elementor 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...
PT-2025-36159
Name of the Vulnerable Software and Affected Versions: Themepoints Carousel Ultimate versions through 1.8 Description: Themepoints Carousel Ultimate is susceptible to a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS...
WordPress plugin Carousel Ultimate 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-36155
Name of the Vulnerable Software and Affected Versions: Product Carousel Slider for Elementor versions n/a through 2.1.3 Description: A missing authorization flaw exists in Product Carousel Slider for Elementor, allowing exploitation due to incorrectly configured access control security levels...
Owl Carousel 2 - Critical - Unsupported - SA-CONTRIB-2025-104
The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...
Drupal Owl Carousel 2 module * - Authenticated Other Vulnerability Type vulnerability
Authenticated Other Vulnerability Type vulnerability discovered by Drupal Security Site in WordPress Module Owl Carousel 2 versions...
CVE-2025-52728
Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...
CVE-2025-7440 Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Carousel button link
The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item'buttonlink''url' parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...
Malicious code in @sellerly-kit/carousel (npm)
The package @sellerly-kit/carousel was found to contain malicious code...
Malicious code in @sellerly-kit/szn-carousel (npm)
The package @sellerly-kit/szn-carousel was found to contain malicious code...
MAL-2025-9297 Malicious code in @sellerly-kit/carousel (npm)
The package @sellerly-kit/carousel was found to contain malicious code...
MAL-2025-9313 Malicious code in @sellerly-kit/szn-carousel (npm)
The package @sellerly-kit/szn-carousel was found to contain malicious code...