Lucene search
K

32 matches found

Vulnrichment
Vulnrichment
added 2024/02/29 4:49 a.m.11 views

CVE-2023-51530 WordPress GS Logo Slider Plugin <= 3.5.1 is vulnerable to Cross Site Request Forgery (CSRF)

Cross-Site Request Forgery CSRF vulnerability in GS Plugins Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation.This issue affects Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation: from n/a through 3.5.1...

4.3CVSS6.3AI score0.00241EPSS
Exploits0References1
CVE
CVE
added 2024/02/29 4:49 a.m.102 views

CVE-2023-51530

CVE-2023-51530 describes a Cross-Site Request Forgery (CSRF) vulnerability in the GS Logo Slider plugins (Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation) affecting versions up to 3.5.1. The CVE entry and related sources confirm CSRF as the underlying issue, ...

8.8CVSS6.3AI score0.00241EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/02/29 12:0 a.m.6 views

WordPress Plugin Logo Slider - Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation Cross-Site Request Forgery Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin Logo Slider - Logo Showcas...

8.8CVSS6.7AI score0.00241EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/02/28 12:0 a.m.5 views

PT-2024-14183 · Unknown · Gs Plugins Logo Slider

Name of the Vulnerable Software and Affected Versions: GS Plugins Logo Slider – Logo Showcase, Logo Carousel, Logo Gallery and Client Logo Presentation versions n/a through 3.5.1 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This type of vulnerability allows an attack...

8.8CVSS5.4AI score0.00241EPSS
Exploits0References6
OSV
OSV
added 2023/03/13 5:15 p.m.3 views

CVE-2023-0073

The Client Logo Carousel WordPress plugin through 3.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4CVSS6.1AI score0.00471EPSS
Exploits2References1
CVE
CVE
added 2023/03/13 4:3 p.m.60 views

CVE-2023-0073

The CVE-2023-0073 entry concerns the WordPress plugin Client Logo Carousel (≤ 3.0.0). The connected documents confirm that the vulnerability arises because certain shortcode attributes are not validated or escaped before being echoed on a page, enabling Stored XSS via a contributor+ user. The PoC...

5.4CVSS5.3AI score0.00471EPSS
Exploits2References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/03/13 4:3 p.m.7 views

CVE-2023-0073 Client Logo Carousel <= 3.0.0 - Contributor+ Stored XSS

The Client Logo Carousel WordPress plugin through 3.0.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...

5.4AI score0.00471EPSS
Exploits2References1
CNNVD
CNNVD
added 2023/03/13 12:0 a.m.4 views

WordPress plugin Client Logo Carousel 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blogs on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress...

5.4CVSS5.5AI score0.00471EPSS
Exploits2References2
Positive Technologies
Positive Technologies
added 2023/03/13 12:0 a.m.5 views

PT-2023-15990 · WordPress · Client Logo Carousel

Name of the Vulnerable Software and Affected Versions: The Client Logo Carousel WordPress plugin versions 3.0.0 and earlier Description: The issue is related to the plugin not validating and escaping some of its shortcode attributes before outputting them back in a page or post where the shortcod...

5.4CVSS5.9AI score0.00471EPSS
Exploits2References6
WPVulnDB
WPVulnDB
added 2023/02/14 12:0 a.m.19 views

Client Logo Carousel <= 3.0.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. PoC Note: 1. First, you need to add a...

5.4CVSS5AI score0.00471EPSS
Exploits2Affected Software1
wpexploit
wpexploit
added 2023/02/14 12:0 a.m.136 views

Client Logo Carousel <= 3.0.0 - Contributor+ Stored XSS

The plugin does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. Note: 1. First, you need to add a Carousel...

5.4CVSS5.2AI score0.00471EPSS
Exploits2
Patchstack
Patchstack
added 2023/01/27 12:0 a.m.8 views

WordPress Client Logo Carousel Plugin <= 3.0.0 is vulnerable to Cross Site Scripting (XSS)

Software Client Logo Carousel Type Plugin Vulnerable versions = 3.0.0 Fixed in 3.0.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE N/A Patch priority Medium CVSS severity Medium 6.5 Developer Claim ownership PSID 7a95db4d0d5d Credits Unknown Required...

5.9AI score
Exploits0References1Affected Software1
Rows per page
Query Builder