Lucene search
K

5 matches found

NVD
NVD
added 2026/06/18 1:25 p.m.13 views

CVE-2026-2021

The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible...

6.4CVSS0.00205EPSS
Exploits0References6
ATTACKERKB
ATTACKERKB
added 2026/06/18 8:31 a.m.6 views

CVE-2026-2021

The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible...

6.4CVSS5.5AI score0.00205EPSS
Exploits0References7
CVE
CVE
added 2026/06/18 8:31 a.m.24 views

CVE-2026-2021

The CVE concerns the WordPress Slideshow Gallery LITE plugin (versions

6.4CVSS5.5AI score0.00205EPSS
Exploits0References6
Cvelist
Cvelist
added 2026/06/18 8:31 a.m.22 views

CVE-2026-2021 Slideshow Gallery LITE <= 1.8.5 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'alwaysauto' Shortcode Attribute

The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible...

6.4CVSS0.00205EPSS
Exploits0References6
EUVD
EUVD
added 2026/06/18 8:31 a.m.17 views

EUVD-2026-37868

The Slideshow Gallery LITE plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'alwaysauto' shortcode attribute in all versions up to, and including, 1.8.5. This is due to insufficient input sanitization and output escaping on user-supplied attributes. This makes it possible...

6.4CVSS5.6AI score0.00205EPSS
Exploits0References6
Rows per page
Query Builder