Lucene search
+L

144 matches found

Patchstack
Patchstack
added 2025/08/15 1:24 p.m.10 views

WordPress Vertical scroll slideshow gallery v2 plugin <= 9.1 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Peter Thaleikis Patchstack Alliance in WordPress Plugin Vertical scroll slideshow gallery v2 versions = 9.1...

8.5CVSS8AI score0.00417EPSS
Exploits0Affected Software1
CNNVD
CNNVD
added 2025/08/15 12:0 a.m.8 views

WordPress plugin Vertical scroll slideshow gallery SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

8.8CVSS5.9AI score0.00417EPSS
Exploits0References3
CNNVD
CNNVD
added 2025/07/18 12:0 a.m.9 views

WordPress plugin Vertical scroll image slideshow gallery cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists...

6.4CVSS5.4AI score0.00218EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/07/06 9:7 a.m.14 views

CVE-2025-30979

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through = 8.0...

8.5CVSS5.9AI score0.00246EPSS
Exploits0References1
NVD
NVD
added 2025/07/04 9:15 a.m.8 views

CVE-2025-30979

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in gopiplus Pixelating image slideshow gallery pixelating-image-slideshow-gallery allows SQL Injection.This issue affects Pixelating image slideshow gallery: from n/a through = 8.0...

8.5CVSS0.00246EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 9:0 a.m.9 views

CVE-2024-47376

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tribulant Software Slideshow Gallery slideshow-gallery allows Cross-Site Scripting XSS.This issue affects Slideshow Gallery: from n/a through = 1.8.3...

5.9CVSS5.9AI score0.00261EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:40 a.m.10 views

CVE-2024-31353

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

5.3CVSS8.6AI score0.0047EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:38 a.m.7 views

CVE-2024-31354

Cross-Site Request Forgery CSRF vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

4.3CVSS8.6AI score0.002EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:39 a.m.9 views

CVE-2024-51914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...

6.5CVSS7.2AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 4:51 a.m.8 views

CVE-2023-28491

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6...

7.2CVSS7.8AI score0.00762EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 3:19 a.m.6 views

CVE-2023-28497

Cross-Site Request Forgery CSRF vulnerability in Tribulant Slideshow Gallery LITE plugin = 1.7.6 versions...

8.8CVSS7AI score0.00284EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.7 views

CVE-2021-24882

The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS6AI score0.00598EPSS
Exploits2References1
RedhatCVE
RedhatCVE
added 2025/05/22 7:6 a.m.15 views

CVE-2018-17946

The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter...

6.1CVSS6AI score0.00844EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/02/05 12:28 a.m.10 views

CVE-2024-31355

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

8.5CVSS8.9AI score0.00517EPSS
Exploits0References1
NVD
NVD
added 2024/11/19 5:15 p.m.43 views

CVE-2024-51914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...

6.5CVSS0.00285EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/11/19 4:31 p.m.11 views

CVE-2024-51914 WordPress drop in image slideshow gallery plugin <= 12.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Gopi Ramasamy drop in image slideshow gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through 12.0...

6.5CVSS6.9AI score0.00285EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:31 p.m.51 views

CVE-2024-51914

CVE-2024-51914: WordPress plugin drop in image slideshow gallery (pre-12.0) has a DOM-based XSS vulnerability due to improper input neutralization during page generation. Exploitation details are not provided in the documents, but CVSS notes indicate network access with low attack complexity and ...

6.5CVSS7.2AI score0.00285EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.7 views

PT-2024-35047 · Unknown · Drop In Image Slideshow Gallery

Name of the Vulnerable Software and Affected Versions: drop in image slideshow gallery versions prior to 12.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker could...

6.5CVSS6.5AI score0.00285EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/11/19 12:0 a.m.6 views

WordPress plugin drop in image slideshow gallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exists i...

6.5CVSS7.4AI score0.00285EPSS
Exploits0References1
NVD
NVD
added 2024/10/05 4:15 p.m.15 views

CVE-2024-47376

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Tribulant Software Slideshow Gallery slideshow-gallery allows Cross-Site Scripting XSS.This issue affects Slideshow Gallery: from n/a through = 1.8.3...

5.9CVSS0.00261EPSS
Exploits0References1
Rows per page
Query Builder