Lucene search

72 matches found

OSV
added 2023/04/23 11:15 a.m. · 2 views

CVE-2023-23717

Auth. contributor+ Cross-Site Scripting (XSS) vulnerability in George Gecewicz Portfolio Slideshow plugin <= 1.13.0 versions...

CVSS 5.4 · AI score 6.7 · EPSS 0.00181
Exploits: 0 · References: 1
Vulnrichment
added 2023/04/23 10:12 a.m. · 8 views

CVE-2023-23717 WordPress Portfolio Slideshow Plugin <= 1.13.0 is vulnerable to Cross Site Scripting (XSS)

Auth. contributor+ Cross-Site Scripting (XSS) vulnerability in George Gecewicz Portfolio Slideshow plugin <= 1.13.0 versions...

CVSS 6.5 · AI score 5.8 · EPSS 0.00181
Exploits: 0 · References: 1
OSV
added 2023/03/20 12:15 p.m. · 4 views

CVE-2023-22682

Reflected Cross-Site Scripting (XSS) vulnerability in Manuel Masia | Pixedelic.Com Camera slideshow plugin <= 1.4.0.1 versions...

CVSS 6.1 · AI score 5.8 · EPSS 0.00199
Exploits: 0 · References: 1
CVE
added 2023/03/20 11:44 a.m. · 60 views

CVE-2023-22682

The CVE-2023-22682 entry concerns the WordPress plugin Manuel Masia | Pixedelic.Com Camera slideshow (versions <= 1.4.0.1). The root cause is a Reflected Cross-Site Scripting (XSS) vulnerability caused by insufficient sanitization/escaping of an input parameter before it is echoed back in the ...

CVSS 7.1 · AI score 6 · EPSS 0.00199
Exploits: 0 · References: 1 · Affected Software: 1
Positive Technologies
added 2023/03/20 12:0 a.m. · 2 views

PT-2023-18627 · Pixedelic.Com · Pixedelic.Com Camera Slideshow Plugin

Name of the Vulnerable Software and Affected Versions: Manuel Masia | Pixedelic.Com Camera slideshow plugin versions <= 1.4.0.1. Description: The issue is a Reflected Cross-Site Scripting (XSS) vulnerability. This means an attacker can inject malicious scripts into otherwise trusted websites,...

CVSS 7.1 · AI score 5.9 · EPSS 0.00199
Exploits: 0 · References: 4
OSV
added 2023/03/16 10:15 a.m. · 1 views

CVE-2022-41554

Stored Cross-Site Scripting (XSS) vulnerability in John West Slideshow SE plugin <= 2.5.5 versions...

CVSS 5.4 · AI score 5.8 · EPSS 0.00177
Exploits: 0 · References: 1
OSV
added 2022/06/08 10:15 a.m. · 2 views

CVE-2022-1692

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...

CVSS 9.8 · AI score 7.3
Exploits: 0 · References: 2
ATTACKERKB
added 2022/06/08 10:15 a.m. · 2 views

CVE-2022-1692

The CP Image Store with Slideshow WordPress plugin before 1.0.68 does not sanitise and escape the orderingby query parameter before using it in a SQL statement in pages where the codepeople-image-store is embed, allowing unauthenticated users to perform an SQL injection attack...

CVSS 9.8 · AI score 7.4 · EPSS 0.73881
Exploits: 2 · References: 3
CNNVD
added 2022/06/08 12:0 a.m. · 2 views

WordPress plugin CP Image Store with Slideshow SQL injection vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. The WordPress plugin CP Image Store with Slideshow version 1.0.68 has a SQL injection...

CVSS 9.8 · AI score 6 · EPSS 0.73881
Exploits: 2 · References: 3
CNVD
added 2022/06/01 12:0 a.m. · 19 views

WordPress Slideshow plugin cross-site scripting vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation. WordPress is a set of blogging platforms developed using the PHP language. The WordPress plugin is an application plugin. WordPress Slideshow plugin 2.3.1 and earlier versions have a cross-site scripting vulnerability...

CVSS 4.8 · AI score 1.5 · EPSS 0.00206
Exploits: 2 · References: 1
ATTACKERKB
added 2022/05/30 9:15 a.m. · 3 views

CVE-2022-1299

The Slideshow WordPress plugin through 2.3.1 does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 · AI score 5.5 · EPSS 0.00206
Exploits: 2 · References: 2
OSV
added 2022/05/30 9:15 a.m. · 1 views

CVE-2022-1299

The Slideshow WordPress plugin through 2.3.1 does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 4.8 · AI score 5.8 · EPSS 0.00206
Exploits: 2 · References: 1
Prion
added 2022/05/30 9:15 a.m. · 11 views

Cross site scripting

The Slideshow WordPress plugin through 2.3.1 does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed...

CVSS 3.5 · AI score 4.8 · EPSS 0.00206
Exploits: 2 · References: 1 · Affected Software: 1
OSV
added 2022/05/20 9:15 p.m. · 1 views

CVE-2022-29426

Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress...

CVSS 5.4 · AI score 5.8
Exploits: 0 · References: 2
Patchstack
added 2022/05/12 12:0 a.m. · 18 views

WordPress CP Image Store with Slideshow plugin <= 1.0.67 - Unauthenticated SQL Injection (SQLi) vulnerability

Unauthenticated SQL Injection (SQLi) vulnerability was discovered by Daniel Krohmer (Fraunhofer IESE, Germany) and Shi Chen (University of Kaiserslautern, Germany) in the WordPress CP Image Store with Slideshow plugin versions <= 1.0.67. Solution: Update the WordPress CP Image Store with Slideshow plugin...

CVSS 9.8 · AI score 3.4 · EPSS 0.73881
Exploits: 2 · References: 3 · Affected Software: 1
Patchstack
added 2022/05/10 12:0 a.m. · 9 views

WordPress Slideshow plugin <= 2.3.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Slideshow plugin versions <= 2.3.1. Solution: Deactivate and delete. This plugin has been closed as of April 11, 2022 and is not available for download. This closure is temporary, pending a full review...

AI score 2.5
Exploits: 0 · References: 2 · Affected Software: 1
Patchstack
added 2022/05/10 12:0 a.m. · 11 views

WordPress Slideshow plugin <= 2.3.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting (XSS) vulnerability discovered by WPScanTeam in WordPress Slideshow plugin versions <= 2.3.1. Solution: Deactivate and delete. This plugin has been closed as of April 11, 2022 and is not available for download. This closure is temporary, pending a full review...

AI score 2.5
Exploits: 0 · References: 2 · Affected Software: 1
Patchstack
added 2022/05/10 12:0 a.m. · 12 views

WordPress Slideshow plugin <= 2.3.1 - Stored Cross-Site Scripting (XSS) vulnerability

Stored Cross-Site Scripting (XSS) vulnerability discovered by Fayçal CHENA in WordPress Slideshow plugin versions <= 2.3.1. Solution: Deactivate and delete. This plugin has been closed as of April 11, 2022 and is not available for download. This closure is temporary, pending a full review...

AI score 2.5 · EPSS 0.00206
Exploits: 2 · References: 3 · Affected Software: 1
WPVulnDB
added 2022/05/09 12:0 a.m. · 12 views

Slideshow <= 2.3.1 - Author+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Slideshow settings, which could allow users with a role as low as Author to perform Cross-Site Scripting attacks. PoC: As author and above, create/edit a slideshow and put the following payload in the "Number of seconds the slide takes to slide in...

AI score 1.1
Exploits: 0 · Affected Software: 1
WPVulnDB
added 2022/05/09 12:0 a.m. · 19 views

Slideshow <= 2.3.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when the unfiltered_html capability is disallowed. PoC: As admin, put the following payload in the "Number of seconds the...

CVSS 4.8 · AI score 0.9 · EPSS 0.00206
Exploits: 2 · Affected Software: 1