4 matches found
WordPress WP Google Review Slider plugin < 15.6 - Admin+ Stored XSS vulnerability
Admin+ Stored XSS vulnerability discovered by Bob Matyas in WordPress Plugin WP Google Review Slider versions 15.6...
CVE-2024-11109
The WP Google Review Slider WordPress plugin before version 15.6 does not sanitize and escape some settings, allowing high-privilege users (e.g., admins) to perform Stored Cross-Site Scripting even when unfiltered_html is disallowed (including multisite setups). Affected component: plugin setting...
CVE-2024-11109 WP Google Review Slider < 15.6 - Admin+ Stored XSS
The WP Google Review Slider WordPress plugin before 15.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...
CVE-2024-11109 WP Google Review Slider < 15.6 - Admin+ Stored XSS
The WP Google Review Slider WordPress plugin before 15.6 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...