Lucene search
+L

4 matches found

Patchstack
Patchstack
added 2025/05/17 12:53 a.m.8 views

WordPress WP Google Review Slider plugin < 15.6 - Admin+ Stored XSS vulnerability

Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin WP Google Review Slider versions 15.6...

4.8CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2025/05/15 8:6 p.m.30 views

CVE-2024-11109

The WP Google Review Slider WordPress plugin before version 15.6 does not sanitize and escape some settings, allowing high-privilege users (e.g., admins) to perform Stored Cross-Site Scripting even when unfiltered_html is disallowed (including multisite setups). Affected component: plugin setting...

4.8CVSS5.4AI score0.00266EPSS
Exploits1References1Affected Software1
Vulnrichment
Vulnrichment
added 2025/05/15 8:6 p.m.11 views

CVE-2024-11109 WP Google Review Slider < 15.6 - Admin+ Stored XSS

The WP Google Review Slider WordPress plugin before 15.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

5.6AI score0.00266EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/05/15 8:6 p.m.13 views

CVE-2024-11109 WP Google Review Slider < 15.6 - Admin+ Stored XSS

The WP Google Review Slider WordPress plugin before 15.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

0.00266EPSS
Exploits1References1
Rows per page
Query Builder