4 matches found
CVE-2022-0648
The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the orderpos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0648
The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the orderpos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0648 Team Circle Image Slider With Lightbox < 1.0.16 - Reflected Cross-Site Scripting
The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the orderpos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...
CVE-2022-0648
CVE-2022-0648 concerns the WordPress plugin “Team Circle Image Slider With Lightbox” (before version 1.0.16). The vulnerability arises because the plugin does not sanitize and escape the order_pos parameter before outputting it back in an admin page, enabling a reflected Cross-Site Scripting (XSS...