Lucene search
K

6 matches found

RedhatCVE
RedhatCVE
added 2025/06/02 7:44 a.m.6 views

CVE-2025-5285

The Product Subtitle for WooCommerce plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘htmlTag’ parameter in all versions up to, and including, 1.3.9 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...

6.4CVSS5.9AI score0.00231EPSS
Exploits0References1
OSV
OSV
added 2024/05/02 5:15 p.m.2 views

CVE-2024-4092

The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘htmltag’ parameter in all versions up to, and including, 6.7.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject arbitrary web...

5.4CVSS5.9AI score0.00423EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/05/02 12:0 a.m.5 views

WordPress Plugin Slider Revolution 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/02 12:0 a.m.5 views

PT-2024-29140 · WordPress · Slider Revolution

Name of the Vulnerable Software and Affected Versions: Slider Revolution plugin for WordPress versions up to, and including, 6.7.7 Description: The issue allows for Stored Cross-Site Scripting via the htmltag parameter due to insufficient input sanitization and output escaping. This enables...

6.4CVSS6AI score0.00423EPSS
Exploits0References5
Patchstack
Patchstack
added 2024/05/01 6:16 a.m.5 views

WordPress Slider Revolution plugin <= 6.7.7 - Authenticated (Author+) Stored Cross-Site Scripting via htmltag Parameter vulnerability

Authenticated Author+ Stored Cross-Site Scripting via htmltag Parameter vulnerability discovered by wesley wcraft in WordPress Plugin Slider Revolution versions = 6.7.7...

6.4CVSS5.8AI score0.00423EPSS
Exploits0References1Affected Software1
WPVulnDB
WPVulnDB
added 2024/04/30 12:0 a.m.18 views

Slider Revolution < 6.7.8 - Authenticated (Author+) Stored Cross-Site Scripting via htmltag Parameter

Description The Slider Revolution plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘htmltag’ parameter in all versions up to, and including, 6.7.7 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers to inject...

6.4CVSS5.7AI score0.00423EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder