EUVD-2021-24771

Malware in sbrugna...

CVE-2021-38318

The 3D Cover Carousel WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /cover-carousel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...

Cross site scripting

The 3D Cover Carousel WordPress plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /cover-carousel.php file which allows attackers to inject arbitrary web scripts, in versions up to and including 1.0...

CVE-2021-38318

CVE-2021-38318 concerns the WordPress plugin “3D Cover Carousel” (versions ≤ 1.0). The vulnerability is a Reflected Cross-Site Scripting (XSS) via the id parameter in ~/cover-carousel.php, enabling injection of arbitrary scripts. Affected component is the plugin’s PHP code handling the id input; ...

3D Cover Carousel <= 1.0 - Reflected Cross-Site Scripting

Description The plugin is vulnerable to Reflected Cross-Site Scripting via the id parameter in the /cover-carousel.php file which allows attackers to inject arbitrary web scripts...

WordPress 插件跨站脚本漏洞

WordPress is a set of blogging platforms developed using the PHP language by the WordPress Wordpress Foundation. The platform supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in WordPress plugin 3D Cover Carousel 1.0 and earlier versions, which...

WordPress 3D Cover Carousel plugin <= 1.0 - Reflected Cross-Site Scripting (XSS) vulnerability

Reflected Cross-Site Scripting XSS vulnerability discovered by p7e4 in WordPress 3D Cover Carousel plugin versions = 1.0. Solution This plugin has been closed as of September 7, 2021 and is not available for download. This closure is temporary, pending a full review...