Lucene search
K

144 matches found

Vulnrichment
Vulnrichment
added 2024/10/05 3:13 p.m.13 views

CVE-2024-47376 WordPress Slideshow Gallery LITE plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation XSS or 'Cross-site Scripting' vulnerability in Tribulant Slideshow Gallery allows Stored XSS.This issue affects Slideshow Gallery: from n/a through 1.8.3...

5.9CVSS6.8AI score0.00261EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/10/05 12:0 a.m.3 views

WordPress plugin Slideshow Gallery 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.9CVSS6.2AI score0.00261EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/10/05 12:0 a.m.5 views

PT-2024-32594 · Tribulant · Tribulant Slideshow Gallery

Name of the Vulnerable Software and Affected Versions: Tribulant Slideshow Gallery versions 1.8.3 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting XSS. This allows for Stored XSS, where an attacker can...

5.9CVSS6.5AI score0.00261EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/09/30 10:31 a.m.4 views

WordPress Slideshow Gallery LITE plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Hakiduck Patchstack Alliance in WordPress Plugin Slideshow Gallery versions = 1.8.3...

5.9CVSS6.1AI score0.00261EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/09/30 12:0 a.m.10 views

WordPress Slideshow Gallery Plugin <= 1.8.3 is vulnerable to Cross Site Scripting (XSS)

Software Slideshow Gallery Type Plugin Vulnerable versions = 1.8.3 Fixed in 1.8.4 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-47376 Patch priority Low CVSS severity Low 5.9 Developer Claim ownership PSID da732a2224b9 Credits Hakiduck Required privilege...

5.9CVSS6.5AI score0.00261EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2024/06/12 1:55 a.m.24 views

CVE-2024-5543 Slideshow Gallery LITE <= 1.8.1 - Authenticated (Contributor+) SQL Injection

The Slideshow Gallery LITE plugin for WordPress is vulnerable to time-based SQL Injection via the id parameter in all versions up to, and including, 1.8.1 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possib...

8.1CVSS0.00486EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/06/11 1:43 p.m.4 views

Wordpress Slideshow Gallery LITE plugin <= 1.8.1 - Authenticated (Contributor+) SQL Injection vulnerability

Authenticated Contributor+ SQL Injection vulnerability discovered by Krzysztof Zając in WordPress Plugin Left right image slideshow gallery versions = 1.8.1...

8.1CVSS8.1AI score0.00486EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/11 12:0 a.m.9 views

WordPress Left right image slideshow gallery Plugin <= 1.8.1 is vulnerable to SQL Injection

Software Left right image slideshow gallery Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5543 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 26f19037ceb8 Credits Krzysztof Zając Required...

8.1CVSS6.8AI score0.00486EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2024/04/12 1:15 p.m.27 views

CVE-2024-31354

Cross-Site Request Forgery CSRF vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

4.3CVSS4.6AI score0.002EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/12 12:24 p.m.28 views

CVE-2024-31354 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

4.3CVSS5AI score0.002EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/12 12:24 p.m.22 views

CVE-2024-31354 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Cross Site Request Forgery (CSRF) vulnerability

Cross-Site Request Forgery CSRF vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

4.3CVSS8.5AI score0.002EPSS
Exploits0References1
CVE
CVE
added 2024/04/12 12:24 p.m.55 views

CVE-2024-31354

CVE-2024-31354 documents a Cross-Site Request Forgery (CSRF) vulnerability in the Tribulant Slideshow Gallery WordPress plugin, affecting Slideshow Gallery LITE versions up to and including 1.7.8. Public details indicate a CSRF condition but do not specify an attacker vector beyond CSRF. The NVD ...

4.3CVSS8.5AI score0.002EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.4 views

WordPress Plugin Slideshow Gallery LITE 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site request forgery vulnerability...

4.3CVSS8.4AI score0.002EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.5 views

PT-2024-23998 · Tribulant · Tribulant Slideshow Gallery

Name of the Vulnerable Software and Affected Versions: Tribulant Slideshow Gallery versions 1.7.8 and earlier Description: The issue is a Cross-Site Request Forgery CSRF vulnerability. This means an attacker can trick a user into performing unintended actions on a web application that the user is...

4.3CVSS9.3AI score0.002EPSS
Exploits0References2
WPVulnDB
WPVulnDB
added 2024/04/11 12:0 a.m.21 views

Slideshow Gallery < 1.7.9 - Settings Reset via CSRF

Description The plugin does not have CSRF check in place when resetting its settings, which could allow attackers to make a logged in admin reset them via a CSRF attack...

4.3CVSS5.5AI score0.002EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2024/04/10 5:15 p.m.17 views

CVE-2024-31355

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

8.5CVSS8.9AI score0.00517EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/04/10 4:23 p.m.21 views

CVE-2024-31355 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

8.5CVSS9AI score0.00517EPSS
Exploits0References1
CVE
CVE
added 2024/04/10 4:23 p.m.63 views

CVE-2024-31355

CVE-2024-31355 is an authenticated SQL injection vulnerability in the Tribulant Slideshow Gallery plugin for WordPress, affecting Slideshow Gallery LITE up to version 1.7.8. An attacker with at least Contributor+ privileges can exploit the flaw to manipulate the SQL query, potentially impacting c...

8.5CVSS8.9AI score0.00517EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/04/10 4:23 p.m.15 views

CVE-2024-31355 WordPress Slideshow Gallery LITE plugin <= 1.7.8 - Auth. SQL Injection vulnerability

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

8.5CVSS8.9AI score0.00517EPSS
Exploits0References1
OSV
OSV
added 2024/04/10 4:15 p.m.6 views

CVE-2024-31353

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8...

5.3CVSS7.3AI score0.0047EPSS
Exploits0References1
Rows per page
Query Builder