Lucene search
K

1230 matches found

CVE
CVE
added 2025/09/05 1:45 p.m.9 views

CVE-2025-58820

CVE-2025-58820 affects the WordPress plugin Themepoints Carousel Ultimate (versions up to 1.8). It is a Stored XSS due to improper input neutralization during web page generation. The vulnerability is documented with a Medium severity (CVSS 3.1 base 5.9) and currently listed as Unpatched; no expl...

5.9CVSS5.9AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.9 views

CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

5.9CVSS0.0021EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/05 1:45 p.m.3 views

CVE-2025-58820 WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Carousel Ultimate carousel allows Stored XSS.This issue affects Carousel Ultimate: from n/a through = 1.8...

5.9CVSS5.9AI score0.0021EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/05 1:45 p.m.25 views

CVE-2025-58816 WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor ecommerce-product-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Carousel Slider for Elementor: from n/a through = 2.1.3...

3.5CVSS0.00225EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/05 1:45 p.m.2 views

CVE-2025-58816 WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability

Missing Authorization vulnerability in Plugin Devs Product Carousel Slider for Elementor ecommerce-product-carousel-slider-for-elementor allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Product Carousel Slider for Elementor: from n/a through = 2.1.3...

3.5CVSS5.9AI score0.00225EPSS
Exploits0References1
CVE
CVE
added 2025/09/05 1:45 p.m.14 views

CVE-2025-58816

CVE-2025-58816 concerns WordPress Product Carousel Slider for Elementor (Plugin Devs). Affected versions are 2.1.3 when available.

3.5CVSS5.9AI score0.00225EPSS
Exploits0References1
Patchstack
Patchstack
added 2025/09/05 1:28 p.m.5 views

WordPress Carousel Ultimate Plugin <= 1.8 - Cross Site Scripting (XSS) Vulnerability

Cross Site Scripting XSS Vulnerability discovered by Nabil Irawan in WordPress Plugin Carousel Ultimate versions = 1.8...

5.9CVSS6AI score0.0021EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/09/05 1:27 p.m.10 views

WordPress Product Carousel Slider for Elementor Plugin <= 2.1.3 - Broken Access Control Vulnerability

Broken Access Control Vulnerability discovered by Peter Thaleikis in WordPress Plugin Product Carousel Slider for Elementor versions = 2.1.3...

3.5CVSS6.7AI score0.00225EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.2 views

WordPress plugin Product Carousel Slider for Elementor 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exists in the...

3.5CVSS6.5AI score0.00225EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.3 views

PT-2025-36159

Name of the Vulnerable Software and Affected Versions: Themepoints Carousel Ultimate versions through 1.8 Description: Themepoints Carousel Ultimate is susceptible to a cross-site scripting XSS issue due to improper neutralization of input during web page generation. This allows for stored XSS...

5.9CVSS4.9AI score0.0021EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/09/05 12:0 a.m.2 views

WordPress plugin Carousel Ultimate 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS5.7AI score0.0021EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/05 12:0 a.m.6 views

PT-2025-36155

Name of the Vulnerable Software and Affected Versions: Product Carousel Slider for Elementor versions n/a through 2.1.3 Description: A missing authorization flaw exists in Product Carousel Slider for Elementor, allowing exploitation due to incorrectly configured access control security levels...

3.5CVSS6.3AI score0.00225EPSS
Exploits0References3
Drupal
Drupal
added 2025/08/27 12:0 a.m.10 views

Owl Carousel 2 - Critical - Unsupported - SA-CONTRIB-2025-104

The security team is marking this project unsupported. There is a known security issue with the project that has not been fixed by the maintainer. If you would like to maintain this project, please read: https://www.drupal.org/node/251466s-becoming-owner-maintainer-or-co-mai...

5.3CVSS5.4AI score0.00229EPSS
Exploits0References2
Patchstack
Patchstack
added 2025/08/27 12:0 a.m.5 views

Drupal Owl Carousel 2 module * - Authenticated Other Vulnerability Type vulnerability

Authenticated Other Vulnerability Type vulnerability discovered by Drupal Security Site in WordPress Module Owl Carousel 2 versions...

5.3CVSS6.8AI score0.00229EPSS
Exploits0References1Affected Software1
RedhatCVE
RedhatCVE
added 2025/08/16 11:25 a.m.4 views

CVE-2025-52728

Improper Control of Filename for Include/Require Statement in PHP Program 'PHP Remote File Inclusion' vulnerability in WebCodingPlace Responsive Posts Carousel Pro responsive-posts-carousel-pro allows PHP Local File Inclusion.This issue affects Responsive Posts Carousel Pro: from n/a through = 15...

7.5CVSS5.9AI score0.00458EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/16 3:38 a.m.7 views

CVE-2025-7440 Anber Elementor Addon <= 1.0.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Carousel button link

The Anber Elementor Addon plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the $item'buttonlink''url' parameter in all versions up to, and including, 1.0.1 to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00226EPSS
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.4 views

Malicious code in @sellerly-kit/carousel (npm)

The package @sellerly-kit/carousel was found to contain malicious code...

7AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2025/08/14 6:52 p.m.3 views

Malicious code in @sellerly-kit/szn-carousel (npm)

The package @sellerly-kit/szn-carousel was found to contain malicious code...

7AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-9297 Malicious code in @sellerly-kit/carousel (npm)

The package @sellerly-kit/carousel was found to contain malicious code...

7.2AI score
Exploits0
OSV
OSV
added 2025/08/14 6:52 p.m.1 views

MAL-2025-9313 Malicious code in @sellerly-kit/szn-carousel (npm)

The package @sellerly-kit/szn-carousel was found to contain malicious code...

7.2AI score
Exploits0
Rows per page
Query Builder