Lucene search
K

9 matches found

Nuclei
Nuclei
added yesterday5 views

OWL Carousel Slider - Cross-Site Scripting

OWL Carousel Slider WordPress plugin v2.2 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute arbitrary scripts in the context of high privilege users, exploit requires attacker to craft malicious URL. id: CVE-2024-13627 info:...

4.7CVSS7.2AI score0.00805EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/19 6:23 a.m.8 views

CVE-2024-13627

The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

4.7CVSS8.6AI score0.00805EPSS
Exploits1References1
Patchstack
Patchstack
added 2025/02/17 10:58 a.m.5 views

WordPress WP Touch Slider plugin <= 2.2 - Reflected XSS vulnerability

Reflected XSS vulnerability discovered by Hassan Khan Yusufzai - Splint3r7 in WordPress Plugin OWL Carousel Slider versions = 2.2...

4.7CVSS6.4AI score0.00805EPSS
Exploits1References1Affected Software1
OSV
OSV
added 2025/02/17 6:15 a.m.4 views

CVE-2024-13627

The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

4.7CVSS5.8AI score0.00805EPSS
Exploits1References1
NVD
NVD
added 2025/02/17 6:15 a.m.9 views

CVE-2024-13627

The OWL Carousel Slider WordPress plugin through 2.2 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...

4.7CVSS0.00805EPSS
Exploits1References1
CVE
CVE
added 2025/02/17 6:0 a.m.66 views

CVE-2024-13627

The CVE-2024-13627 entry concerns the OWL Carousel Slider WordPress plugin (versions up to 2.2). The connected docs confirm a vulnerability due to insufficient sanitisation/escaping of a parameter, resulting in a Reflected XSS. Impact is described as potentially affecting high-privilege users (e....

4.7CVSS6.1AI score0.00805EPSS
Exploits1References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/02/17 12:0 a.m.5 views

PT-2025-6587

Name of the Vulnerable Software and Affected Versions OWL Carousel Slider WordPress plugin versions 2.2 and earlier Description The issue is related to a Reflected Cross-Site Scripting problem. It occurs because a parameter is not properly sanitised and escaped before being outputted back in the...

4.7CVSS8AI score0.00805EPSS
Exploits1References5
NVD
NVD
added 2024/02/10 8:15 a.m.26 views

CVE-2024-24801

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LogicHunt OWL Carousel – WordPress Owl Carousel Slider allows Stored XSS.This issue affects OWL Carousel – WordPress Owl Carousel Slider: from n/a through 1.4.0...

6.5CVSS6.4AI score0.00333EPSS
Exploits0References1
Prion
Prion
added 2024/02/10 8:15 a.m.19 views

Cross site scripting

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LogicHunt OWL Carousel – WordPress Owl Carousel Slider allows Stored XSS.This issue affects OWL Carousel – WordPress Owl Carousel Slider: from n/a through 1.4.0...

4.9CVSS7.2AI score0.00333EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder