5 matches found
WordPress Slider, Gallery, Carousel by MetaSlider plugin < 3.95.0 - Editor+ Stored XSS vulnerability
Editor+ Stored XSS vulnerability discovered by Dmitrii Ignatyev in WordPress Plugin Responsive Slider by MetaSlider versions 3.95.0...
CVE-2025-1203
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...
CVE-2025-1203
creationtimestamp| type| source ---|---|--- 2025-03-24 08:22:00+00:00| seen| https://t.me/cvedetector/20936 2025-03-24 10:34:16+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3ll4kmoujdd26...
CVE-2025-1203 Slider, Gallery, Carousel by MetaSlider < 3.95.0 - Editor+ Stored XSS
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...
CVE-2025-1203
CVE-2025-1203 – MetaSlider Slider, Gallery, and Carousel (WordPress) ≤ 3.94.0 Issue: The Slider, Gallery, and Carousel by MetaSlider plugin does not sufficiently sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., editors) even when unfiltered_html is disallowed (...