28 matches found
WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection
WordPress WP TripAdvisor Review Slider plugin before 10.8 is susceptible to authenticated SQL injection. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber. This can lead...
EUVD-2026-44890
The WP TripAdvisor Review Slider plugin for WordPress is vulnerable to generic SQL Injection via the 'filtersource' parameter in all versions up to, and including, 14.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This...
CVE-2026-15651
The CVE concerns the WP TripAdvisor Review Slider plugin for WordPress. All versions up to 14.6 are vulnerable to a generic SQL Injection via the filtersource parameter due to insufficient escaping of user input and lack of proper SQL query preparation. Exploitation is described as feasible by au...
CVE-2026-32490
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through = 14.1...
CVE-2026-32490
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through = 14.1...
CVE-2026-32490
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through = 14.1...
CVE-2026-32490 WordPress WP TripAdvisor Review Slider plugin <= 14.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through = 14.1...
CVE-2026-32490 WordPress WP TripAdvisor Review Slider plugin <= 14.1 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through = 14.1...
CVE-2026-32490
The connected document identifies a concrete vulnerability: Cross Site Scripting (XSS) in the WordPress plugin WP TripAdvisor Review Slider, affecting versions up to 14.1. The vulnerability details are limited to the existence of an XSS issue discovered by Doan Dinh Van; no root cause, affected f...
WordPress plugin WP TripAdvisor Review Slider 安全漏洞
WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. There is...
PT-2026-28004
Name of the Vulnerable Software and Affected Versions WP TripAdvisor Review Slider versions n/a through 14.1 Description The software contains a flaw due to improper handling of user-supplied data during the creation of web pages, which can lead to cross-site scripting XSS. This allows for the...
WordPress WP TripAdvisor Review Slider plugin <= 14.1 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Doan Dinh Van in WordPress Plugin WP TripAdvisor Review Slider versions = 14.1...
EUVD-2024-35391
Malicious code in bioql PyPI...
CVE-2023-0261
The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...
CVE-2024-35630 WordPress WP TripAdvisor Review Slider plugin <= 12.6 - SQL Injection vulnerability
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LJ Apps WP TripAdvisor Review Slider allows Blind SQL Injection.This issue affects WP TripAdvisor Review Slider: from n/a through 12.6...
CVE-2023-6037
The WP TripAdvisor Review Slider WordPress plugin before 11.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-6037
The WP TripAdvisor Review Slider WordPress plugin before 11.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-6037 WP TripAdvisor Review Slider < 11.9 - Admin+ Stored XSS
The WP TripAdvisor Review Slider WordPress plugin before 11.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2023-6037
CVE-2023-6037 affects the WordPress plugin WP TripAdvisor Review Slider up to version 11.9. The flaw arises because the plugin does not sanitize and escape certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admin), even when the unfiltered_html capability is dis...
PT-2024-14859 · WordPress · Wp Tripadvisor Review Slider
Name of the Vulnerable Software and Affected Versions: WP TripAdvisor Review Slider WordPress plugin versions prior to 11.9 Description: The WP TripAdvisor Review Slider WordPress plugin does not sanitise and escape some of its settings, which could allow high privilege users such as admin to...