3 matches found
CVE-2024-5429
The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
CVE-2024-5429 Logo Slider < 4.1.0 - Contributor+ Stored XSS
The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks...
WordPress Logo Slider Plugin < 4.1.0 is vulnerable to Cross Site Scripting (XSS)
Software Logo Slider Type Plugin Vulnerable versions 4.1.0 Fixed in 4.1.0 OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-5429 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 5ceef8963242 Credits Dmitrii Ignatyev Required...