4 matches found
EUVD-2026-14171
The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...
CVE-2026-1275 Multi Post Carousel by Category <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute
The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...
WordPress plugin Category and Product Woocommerce Tabs 安全漏洞
WordPress Category and Product Woocommerce Tabs plugin is a plugin for WordPress websites, the main function is to add custom tabs Tabs to WooCommerce product pages to organize and display product information, categories and other content. A file inclusion vulnerability exists in the WordPress...
CVE-2023-38382 WordPress Subscribe to Category Plugin <= 2.7.4 is vulnerable to SQL Injection
Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in Daniel Söderström / Sidney van de Stouwe Subscribe to Category allows SQL Injection.This issue affects Subscribe to Category: from n/a through 2.7.4...