56 matches found
EUVD-2025-210360
Contributor Cross Site Scripting XSS in Image Carousel = 1.0.0.41 versions...
CVE-2025-68074
Contributor Cross Site Scripting XSS in Image Carousel = 1.0.0.41 versions...
CVE-2025-68074 WordPress Image Carousel plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability
Contributor Cross Site Scripting XSS in Image Carousel = 1.0.0.41 versions...
CVE-2025-68074
CVE-2025-68074 is a documented Cross-Site Scripting (XSS) vulnerability affecting the WordPress Image Carousel plugin versions
WordPress Image Carousel plugin <= 1.0.0.41 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Image Carousel versions = 1.0.0.41...
PT-2026-52718
Name of the Vulnerable Software and Affected Versions Image Carousel versions prior to 1.0.0.42 Description Cross Site Scripting XSS exists in the Contributor role, allowing an attacker to execute malicious scripts in the browser of other users. Recommendations Update Image Carousel to a version...
WordPress WP Slick Slider and Image Carousel plugin <= 3.7.8.1 - Backdoor vulnerability
Backdoor vulnerability discovered by ? in WordPress Plugin WP Slick Slider and Image Carousel versions = 3.7.8.1...
EUVD-2023-32427
Malicious code in bioql PyPI...
EUVD-2024-45641
Malicious code in bioql PyPI...
EUVD-2023-32411
Malicious code in bioql PyPI...
EUVD-2025-23352
Malicious code in bioql PyPI...
CVE-2025-4684
The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of Image Carousel and Image...
CVE-2025-4684
CVE-2025-4684 affects the WordPress plugin BlockSpare (Gutenberg Blocks & Patterns) up to version 3.2.13.1. The vulnerability is a Stored Cross‑Site Scripting flaw stemming from insufficient input sanitization and output escaping in the HTML attributes of the Image Carousel and Image Slider widge...
CVE-2025-4684 BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites <= 3.2.13.1 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Image Slider Widgets
The BlockSpare: Gutenberg Blocks & Patterns for Blogs, Magazines, Business Sites – Post Grids, Sliders, Carousels, Counters, Page Builder & Starter Site Imports, No Coding Needed plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the HTML attributes of Image Carousel and Image...
CVE-2024-51842
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Sazzad Image Carousel Shortcode image-carousel-shortcode allows DOM-Based XSS.This issue affects Image Carousel Shortcode: from n/a through = 1.2...
CVE-2023-28792
Unauth. Reflected Cross-Site Scripting XSS vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin = 1.0.15 versions...
CVE-2023-0589
The WP Image Carousel WordPress plugin through 1.0.2 does not sanitise and escape some parameters, which could allow users with a role as low as contributor to perform Cross-Site Scripting attacks...
WordPress Divi Carousel Lite plugin <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets vulnerability discovered by Webbernaut in WordPress Plugin Divi Carousel Lite versions = 2.0.4...
CVE-2025-0350
The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Carousel and Logo Carousel in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping on us...
CVE-2025-0350 Divi Carousel Lite <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets
The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Carousel and Logo Carousel in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping on us...