6 matches found
WordPress Divi Carousel Lite plugin <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets vulnerability discovered by Webbernaut in WordPress Plugin Divi Carousel Lite versions = 2.0.4...
CVE-2025-0350 Divi Carousel Lite <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets
The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Carousel and Logo Carousel in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping on us...
CVE-2025-0350 Divi Carousel Lite <= 2.0.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via Image Carousel and Logo Carousel Widgets
The Divi Carousel Maker – Image, Logo, Testimonial, Post Carousel & More plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's Image Carousel and Logo Carousel in all versions up to, and including, 2.0.4 due to insufficient input sanitization and output escaping on us...
CVE-2025-0350
CVE-2025-0350 affects the WordPress plugin “Divi Carousel Maker” (Divi Carousel Lite) up to version 2.0.4. The vulnerability is a Stored Cross-Site Scripting via the Image Carousel and Logo Carousel widgets caused by insufficient input sanitization and output escaping on user-supplied attributes....
WordPress Divi Carousel Lite Plugin <= 1.2.11 is vulnerable to Cross Site Scripting (XSS)
Software Divi Carousel Lite Type Plugin Vulnerable versions = 1.2.11 Fixed in 1.2.12 OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority High CVSS severity High 7.1 Developer Claim ownership PSID a2b273c2e39a Credits Rafie Muhammad Patchstack...
WordPress Divi Carousel Lite - Image Carousel, Logo Carousel, Testimonial Carousel Slider and more Plugin <= 1.6.3 is vulnerable to Cross Site Scripting (XSS)
Software Divi Carousel Lite - Image Carousel, Logo Carousel, Testimonial Carousel Slider and more Type Plugin Vulnerable versions = 1.6.3 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2023-33999 Patch priority Medium CVSS severity Medium 7.1 Developer Cla...