1694 matches found
WordPress Logo Slider plugin < 4.9.0 - Contributor+ Stored XSS vulnerability
Contributor+ Stored XSS vulnerability discovered by Alex Tselevich nos3curity in WordPress Plugin Logo Slider versions 4.9.0...
CVE-2025-13153
The Logo Slider WordPress plugin before 4.9.0 does not validate and escape some of its slider options before outputting them back in the dashboard, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-13153 Logo Slider < 4.9.0 - Contributor+ Stored XSS
The Logo Slider WordPress plugin before 4.9.0 does not validate and escape some of its slider options before outputting them back in the dashboard, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-13153 Logo Slider < 4.9.0 - Contributor+ Stored XSS
The Logo Slider WordPress plugin before 4.9.0 does not validate and escape some of its slider options before outputting them back in the dashboard, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2025-13153
CVE-2025-13153 — The Logo Slider WordPress plugin prior to 4.9.0 does not validate or escape certain slider options before echoing them in the dashboard, enabling Stored XSS for users with contributor+ privileges. Root cause: insufficient input validation/escaping in the plugin’s dashboard output...
EUVD-2026-0714
The Logo Slider WordPress plugin before 4.9.0 does not validate and escape some of its slider options before outputting them back in the dashboard, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
PT-2026-1051
Name of the Vulnerable Software and Affected Versions Logo Slider WordPress plugin versions prior to 4.9.0 Description The software does not properly validate and escape slider options before displaying them in the dashboard. This could allow users with contributor access or higher to perform...
WordPress plugin Logo Slider 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A security vulnerabili...
CVE-2025-62121
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...
CVE-2025-15262
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2025-62121
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...
CVE-2025-62121 WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo tc-logo-slider allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through =...
CVE-2025-62121
CVE-2025-62121 is described as a Stored XSS in the WordPress plugins under the Logo Slider/Carousel/Showcase family (Logo Slider, Logo Carousel, Logo showcase, Client Logo: tc-logo-slider). The vulnerability is due to improper neutralization of input during web page generation, allowing stored cr...
CVE-2025-62121 WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through 1.8.1...
EUVD-2025-205963
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Imran Emu Logo Slider , Logo Carousel , Logo showcase , Client Logo allows Stored XSS.This issue affects Logo Slider , Logo Carousel , Logo showcase , Client Logo: from n/a through 1.8.1...
WordPress Logo Slider , Logo Carousel , Logo showcase , Client Logo plugin <= 1.8.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Nabil Irawan in WordPress Plugin Logo Slider , Logo Carousel , Logo showcase , Client Logo versions = 1.8.1...
PT-2025-54330
Name of the Vulnerable Software and Affected Versions Imran Emu Logo Slider, Logo Carousel, Logo showcase, Client Logo versions through 1.8.1 Description The software contains a flaw due to improper input handling during web page generation, leading to a Cross-site Scripting XSS issue. This...
WordPress plugin Logo Slider , Logo Carousel , Logo showcase , Client Logo 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. WordPress plugin Logo...
CVE-2025-15262
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...
CVE-2025-15262
A security flaw has been discovered in BiggiDroid Simple PHP CMS 1.0. This impacts an unknown function of the file /admin/edit.php of the component Site Logo Handler. Performing a manipulation of the argument image results in unrestricted upload. Remote exploitation of the attack is possible. The...