5 matches found
WordPress Responsive Slider by MetaSlider Plugin <= 3.70.0 is vulnerable to Cross Site Scripting (XSS)
Software Responsive Slider by MetaSlider Type Plugin Vulnerable versions = 3.70.0 Fixed in 3.70.1 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-3285 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 334dac19f012 Credits wesley...
CVE-2024-3285
The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on us...
CVE-2024-3285 Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows <= 3.70.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider Shortcode
The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on us...
CVE-2024-3285
CVE-2024-3285 concerns the Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin. The vulnerability is a Stored Cross-Site Scripting issue in the metaslider shortcode, triggered by insufficient input sanitization and output escaping on user-supplied attributes. It a...
CVE-2024-3285 Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows <= 3.70.0 - Authenticated (Contributor+) Stored Cross-Site Scripting via metaslider Shortcode
The Slider, Gallery, and Carousel by MetaSlider – Responsive WordPress Slideshows plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'metaslider' shortcode in all versions up to, and including, 3.70.0 due to insufficient input sanitization and output escaping on us...