Lucene search
K

16 matches found

RedhatCVE
RedhatCVE
added 2025/12/13 3:59 a.m.4 views

CVE-2025-13889

The Simple Nivo Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode parameter in all versions up to, and including, 0.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5AI score0.00228EPSS
Exploits0References1
EUVD
EUVD
added 2025/12/12 6:31 a.m.4 views

EUVD-2025-203014

The Simple Nivo Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode parameter in all versions up to, and including, 0.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS4.7AI score0.00228EPSS
Exploits0References4
NVD
NVD
added 2025/12/12 4:15 a.m.11 views

CVE-2025-13889

The Simple Nivo Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode parameter in all versions up to, and including, 0.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00228EPSS
Exploits0References3
Cvelist
Cvelist
added 2025/12/12 3:20 a.m.35 views

CVE-2025-13889 Simple Nivo Slider <= 0.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Simple Nivo Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode parameter in all versions up to, and including, 0.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS0.00228EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2025/12/12 3:20 a.m.2 views

CVE-2025-13889 Simple Nivo Slider <= 0.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes

The Simple Nivo Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' shortcode parameter in all versions up to, and including, 0.5.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS4.7AI score0.00228EPSS
Exploits0References3
CVE
CVE
added 2025/12/12 3:20 a.m.16 views

CVE-2025-13889

CVE-2025-13889 : The Simple Nivo Slider WordPress plugin is vulnerable to a stored XSS via the shortcodes’ id parameter in all versions up to 0.5.6 due to insufficient input sanitization and output escaping. The issue requires authentication: attackers with Contributor-level access or higher can ...

6.4CVSS4.7AI score0.00228EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/12/12 12:0 a.m.7 views

WordPress plugin Simple Nivo Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin... A cross-site scripti...

6.4CVSS5.7AI score0.00228EPSS
Exploits0References3
Patchstack
Patchstack
added 2025/12/11 8:41 p.m.7 views

WordPress Simple Nivo Slider plugin <= 0.5.6 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode Attributes vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Shortcode Attributes vulnerability discovered by Peter Thaleikis in WordPress Plugin Simple Nivo Slider versions = 0.5.6...

6.4CVSS5.5AI score0.00228EPSS
Exploits0References1Affected Software1
EUVD
EUVD
added 2025/10/07 12:30 a.m.5 views

EUVD-2014-8575

Malware in sbrugna...

3.5CVSS6.4AI score0.01417EPSS
Exploits0References6
Packet Storm
Packet Storm
added 2019/03/27 12:0 a.m.72 views

Joomla ARI Image Slider 2.2.0 Cross Site Request Forgery / Shell Upload

Exploit Title : Joomla ARI Image Slider 2.2.0 CSRF Shell Upload Author Discovered By : KingSkrupellos Team : Cyberizm Digital Security Army Date : 27/03/2019 Vendor Homepage : ari-soft.com Software Download Link : ari-soft.com/Joomla-Components/ARI-Image-Slider/Detailed-product-flyer.html Softwar...

0.4AI score
Exploits0
NVD
NVD
added 2014/10/13 6:55 p.m.19 views

CVE-2014-8744

Cross-site scripting XSS vulnerability in the Nivo Slider module 7.x-2.x before 7.x-1.11 for Drupal allows remote authenticated users with the "administer nivo slider" permission to inject arbitrary web script or HTML via an image title...

3.5CVSS5.3AI score0.01417EPSS
Exploits0References5
Prion
Prion
added 2014/10/13 6:55 p.m.18 views

Cross site scripting

Cross-site scripting XSS vulnerability in the Nivo Slider module 7.x-2.x before 7.x-1.11 for Drupal allows remote authenticated users with the "administer nivo slider" permission to inject arbitrary web script or HTML via an image title...

3.5CVSS5.7AI score0.01417EPSS
Exploits0References5Affected Software1
CVE
CVE
added 2014/10/13 6:0 p.m.46 views

CVE-2014-8744

Affected software: Drupal Nivo Slider module, version 7.x-2.x prior to 7.x-1.11. Vulnerable component: the image title handling in the Nivo Slider module allows cross-site scripting. Root cause: insufficient sanitization of image titles permits injection of arbitrary script/HTML by remote authent...

3.5CVSS5.5AI score0.01417EPSS
Exploits0References5Affected Software1
Cvelist
Cvelist
added 2014/10/13 6:0 p.m.22 views

CVE-2014-8744

Cross-site scripting XSS vulnerability in the Nivo Slider module 7.x-2.x before 7.x-1.11 for Drupal allows remote authenticated users with the "administer nivo slider" permission to inject arbitrary web script or HTML via an image title...

5.3AI score0.01417EPSS
Exploits0References5
seebug.org
seebug.org
added 2014/03/25 12:0 a.m.25 views

Drupal Nivo Slider Module模块跨站脚本漏洞

Bugtraq ID:66327 Drupal是一套开放源码的内容管理平台。 Drupal Nivo Slider模块没有正确过滤图像标题数据,允许远程攻击者利用漏洞注入恶意脚本或HTML代码,当恶意数据被查看时,可获取敏感信息或劫持用户会话。 0 Drupal Nivo Slider Module 7.x Drupal Nivo Slider Module 7.x-1.11已经修复该漏洞,建议用户下载更新: http://drupal.org/project/nivoslider...

7.1AI score
Exploits0
Drupal
Drupal
added 2014/03/19 12:0 a.m.16 views

SA-CONTRIB-2014-033 - Nivo Slider - Cross Site Scripting

Nivo Slider provides a way to showcase featured content. Nivo Slider gives administrators a simple method of adding slides to the slideshow, an administration interface to configure slideshow settings, and simple slider positioning using the Drupal block system. The module doesn't sufficiently...

3.5CVSS6.4AI score0.01417EPSS
Exploits0References13
Rows per page
Query Builder