3 matches found
CVE-2021-24544
The Responsive WordPress Slider WordPress plugin through 2.2.0 does not sanitise and escape some of the Slider options, allowing Cross-Site Scripting payloads to be set in them. Furthermore, as by default any authenticated user is allowed to create Sliders...
CVE-2021-24544 Responsive WordPress Slider <= 2.2.0 - Subscriber+ Stored Cross-Site Scripting
The Responsive WordPress Slider WordPress plugin through 2.2.0 does not sanitise and escape some of the Slider options, allowing Cross-Site Scripting payloads to be set in them. Furthermore, as by default any authenticated user is allowed to create Sliders...
CVE-2021-24544
The CVE-2021-24544 entry refers to the Responsive WordPress Slider plugin (versions up to 2.2.0). The vulnerability is a stored cross-site scripting (XSS) flaw where several Slider options are not properly sanitised/escaped, enabling attackers with a low-privilege role (as low as subscriber) to i...