WordPress plugin Slider by 10Web 安全漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A security vulnerability...

CVE-2024-6408

The Slider by 10Web WordPress plugin before 1.2.57 does not sanitise and escape its Slider Title, which could allow high privilege users such as editors and above to perform Cross-Site Scripting attacks even when unfilteredhtml is disallowed...

CVE-2024-32578

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in 10Web Slider by 10Web allows Reflected XSS.This issue affects Slider by 10Web: from n/a through 1.2.54...

PT-2024-24699 · 10Web · 10Web Slider

Name of the Vulnerable Software and Affected Versions: 10Web Slider by 10Web versions 1.2.54 and earlier Description: The issue is related to Improper Neutralization of Input During Web Page Generation, also known as Cross-site Scripting. This allows for Reflected XSS. Recommendations: For versio...

CVE-2021-24132

The Slider by 10Web WordPress plugin, versions before 1.2.36, in the bulkaction, exportfull and savesliderdb functionalities of the plugin were vulnerable, allowing a high privileged user Admin, or medium one such as Contributor+ if "Role Options" is turn on for other users to perform a SQL...