4 matches found
CVE-2021-24882
The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24882
The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...
CVE-2021-24882
The CVE-2021-24882 entry describes a stored Cross-Site Scripting (XSS) vulnerability in the WordPress Slideshow Gallery plugin prior to 1.7.4. The root cause is the plugin’s failure to sanitize and escape the Slide Title, Slide Description, and Gallery Title fields, enabling attacker-controlled i...
CVE-2021-24882 Slideshow Gallery < 1.7.4 - Admin+ Stored Cross-Site Scripting
The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfilteredhtml is disallowed...