362 matches found
CVE-2025-25120
Missing Authorization vulnerability in Melodic Media Slide Banners slide-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slide Banners: from n/a through = 1.3...
CVE-2025-25120
Missing Authorization vulnerability in Melodic Media Slide Banners slide-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slide Banners: from n/a through = 1.3...
CVE-2025-25120 WordPress Slide Banners plugin <= 1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Melodic Media Slide Banners slide-banners allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Slide Banners: from n/a through = 1.3...
CVE-2025-25120
CVE-2025-25120 describes Missing Authorization (Broken Access Control) in WordPress Slide Banners plugin
CVE-2025-25120 WordPress Slide Banners plugin <= 1.3 - Broken Access Control vulnerability
Missing Authorization vulnerability in Melodic Media Slide Banners allows Exploiting Incorrectly Configured Access Control Security Levels. This issue affects Slide Banners: from n/a through 1.3...
WordPress plugin Slide Banners 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A security vulnerability exist...
CVE-2024-51690
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neelam.samariya Wp Slide Categorywise wp-slide-categorywise allows Reflected XSS.This issue affects Wp Slide Categorywise: from n/a through = 1.1...
WordPress Slide Banners plugin <= 1.3 - Broken Access Control vulnerability
Broken Access Control vulnerability discovered by Trương Hữu Phúc truonghuuphuc in WordPress Plugin Slide Banners versions = 1.3...
CVE-2024-12073
The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slideurlvalue' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level...
CVE-2024-51690 WordPress Wp Slide Categorywise plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neelam.samariya Wp Slide Categorywise wp-slide-categorywise allows Reflected XSS.This issue affects Wp Slide Categorywise: from n/a through = 1.1...
CVE-2024-51690
CVE-2024-51690 is a reflected XSS vulnerability in the WordPress plugin WP Slide Categorywise. The issue arises from improper neutralization of input during web page generation, enabling reflected XSS. It affects WP Slide Categorywise versions up to 1.1. The CVSS v3.1 vector is AV:N/AC:L/PR:N/UI:...
CVE-2024-51690 WordPress Wp Slide Categorywise plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in neelam.samariya Wp Slide Categorywise wp-slide-categorywise allows Reflected XSS.This issue affects Wp Slide Categorywise: from n/a through = 1.1...
WordPress plugin Wp Slide Categorywise 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...
PT-2024-34837 · WordPress · Wp Slide Categorywise
Name of the Vulnerable Software and Affected Versions: Wp Slide Categorywise versions 1.1 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Reflected XSS attacks. Recommendations: F...
WordPress Wp Slide Categorywise plugin <= 1.1 - Reflected Cross Site Scripting (XSS) vulnerability
Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro Soares de Alcântara - Kinorth Patchstack Alliance in WordPress Plugin Wp Slide Categorywise versions = 1.1...
WordPress Wp Slide Categorywise Plugin <= 1.1 is vulnerable to Cross Site Scripting (XSS)
Software Wp Slide Categorywise Type Plugin Vulnerable versions = 1.1 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51690 Patch priority Medium CVSS severity Medium 7.1 Developer Claim ownership PSID 665f14e45c29 Credits João Pedro S Alcântara Kinorth...
Cross Site Scripting (XSS)
bootstrap is vulnerable to Cross Site Scripting XSS. The vulnerability is caused due to a missing sanitization in the href attribute of the tag while working with data-slide and data-slide-to attributes. This could enable an attacker to execute arbitrary JavaScript within the victim's browser...
CVE-2024-7144
The JetElements plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'id' and 'slideid' parameters in all versions up to, and including, 2.6.20 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-lev...
PT-2024-38107 · WordPress · Jetelements
Name of the Vulnerable Software and Affected Versions: JetElements plugin for WordPress versions up to, and including, 2.6.20 Description: The issue is related to Stored Cross-Site Scripting XSS due to insufficient input sanitization and output escaping. This allows authenticated attackers with...
CVE-2024-6948
A vulnerability classified as critical has been found in Gargaj wuhu up to 3faad49bfcc3895e9ff76a591d05c8941273d120. Affected is an unknown function of the file /slideeditor.php of the component Slide Editor. The manipulation of the argument newSlideFile leads to unrestricted upload. It is possib...