PT-2026-48630

Authorization bypass through User-Controlled key vulnerability in Essential Plugin WP Logo Showcase Responsive Slider and Carousel allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects WP Logo Showcase Responsive Slider and Carousel: from n/a through 3.6...

PT-2026-4142

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in highwarden Super Logos Showcase superlogoshowcase-wp allows Reflected XSS.This issue affects Super Logos Showcase: from n/a through = 2.8...

CVE-2025-58684 WordPress Logo Showcase plugin <= 4.0.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Themepoints Logo Showcase logo-showcase allows Stored XSS.This issue affects Logo Showcase: from n/a through = 4.0.1...

CVE-2025-58684

CVE-2025-58684 : Stored XSS in WordPress plugin Logo Showcase (Logo Showcase – Responsive Logo Carousel, Grid, List & Ticker). Affected component/issue: improper neutralization of input during web page generation. Impact: stored XSS vulnerability in logos/grid rendering. Affected versions: up to ...

CVE-2021-24730

The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and authorisation checks in the lswsssaveattachmentdata AJAX action, allowing any authenticated users, such as Subscriber, to change title, description, alt text, and URL of arbitrary uploaded media...