3 matches found
CVE-2022-2823
creationtimestamp| type| source ---|---|--- 2022-10-11 00:25:29+00:00| seen| https://t.me/cibsecurity/51085...
CVE-2022-2823
CVE-2022-2823 documents a stored XSS in the WordPress plugin “MetaSlider” (Slider, Gallery, and Carousel) prior to version 3.27.9. The root cause is inadequate sanitization/escaping of certain Gallery Image parameters, which permits high-privilege users (e.g., admins) to inject scripts even when ...
CVE-2022-2823 Slider, Gallery, and Carousel by MetaSlider < 3.27.9 - Admin+ Stored Cross Site Scripting
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.27.9 does not sanitise and escape some of its Gallery Image parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallow...