2 matches found
CVE-2018-18019
Summary (CVE-2018-18019) : The Tribulant Slideshow Gallery WordPress plugin is affected up to version 1.6.8. The vulnerability is a cross-site scripting (XSS) flaw caused by parameter handling in the admin flow: Slide[title], Slide[media_file], or Slide[image_url] passed through wp-admin/admin.ph...
CVE-2018-18019
XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slidetitle, Slidemediafile, or Slideimageurl parameter...