Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/22 6:25 p.m.7 views

CVE-2021-24882

The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS6AI score0.00598EPSS
Exploits2References1
NVD
NVD
added 2021/11/23 8:15 p.m.21 views

CVE-2021-24882

The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

4.8CVSS0.00598EPSS
Exploits2References1
CVE
CVE
added 2021/11/23 7:16 p.m.53 views

CVE-2021-24882

The CVE-2021-24882 entry describes a stored Cross-Site Scripting (XSS) vulnerability in the WordPress Slideshow Gallery plugin prior to 1.7.4. The root cause is the plugin’s failure to sanitize and escape the Slide Title, Slide Description, and Gallery Title fields, enabling attacker-controlled i...

4.8CVSS4.8AI score0.00598EPSS
Exploits2References1Affected Software1
Cvelist
Cvelist
added 2021/11/23 7:16 p.m.25 views

CVE-2021-24882 Slideshow Gallery < 1.7.4 - Admin+ Stored Cross-Site Scripting

The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...

5.1AI score0.00598EPSS
Exploits2References1
Rows per page
Query Builder