3 matches found
CVE-2024-4637
The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.7.10 due to insufficient input sanitization and output escaping on the user supplied Elementor 'wrapperid' and 'zindex' display attributes. This makes it possible for...
CVE-2024-4637 Slider Revolution <= 6.7.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via Elementor wrapperid and zindex
The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 6.7.10 due to insufficient input sanitization and output escaping on the user supplied Elementor 'wrapperid' and 'zindex' display attributes. This makes it possible for...
CVE-2024-4637
Slider Revolution for WordPress (revslider) versions up to and including 6.7.10 are affected by a stored XSS due to insufficient input sanitization and output escaping on Elementor wrapperid and zindex attributes. Exploitation requires authenticated access (Contributor+). Patch/mitigation exists ...