3 matches found
CVE-2025-1062
creationtimestamp| type| source ---|---|--- 2025-03-24 08:22:06+00:00| seen| https://t.me/cvedetector/20941 2025-03-24 10:34:17+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll4kmoxvq326...
CVE-2025-1062
CVE-2025-1062 affects the WordPress plugin “Slider, Gallery, and Carousel by MetaSlider” pre-3.95.0. The exposure comes from unsanitized/uncleaned and unescaped settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, such as in multisite setup...
CVE-2025-1062 Slider, Gallery, Carousel by MetaSlider < 3.95.0 - Editor+ Stored XSS
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example i...