CVE-2026-5428

The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image captions in the Image Grid/Slider/Carousel widget in versions up to and including 1.7.1056. This is due to insufficient output escaping in the renderpostthumbnail function, where wpksespost is...

CVE-2024-32707

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in GhozyLab Image Slider Widget allows Stored XSS.This issue affects Image Slider Widget: from n/a through 1.1.125...

CVE-2024-32707

CVE-2024-32707 is a Stored XSS in the GhozyLab Image Slider Widget for WordPress, affecting Image Slider Widget versions up to 1.1.125. Root cause is improper neutralization of input during web page generation. The cited sources confirm the vulnerability and affected component but do not provide ...

WordPress Image Slider plugin <= 1.1.127 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jean Tirstan T Patchstack Alliance in WordPress Plugin Image Slider Widget versions = 1.1.127...

WordPress Image Slider Widget Plugin <= 1.1.127 is vulnerable to Cross Site Scripting (XSS)

Software Image Slider Widget Type Plugin Vulnerable versions = 1.1.127 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-32707 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID 8c3a71e7d4db Credits Jean Tirstan T Required privilege...