Lucene search
+L

43 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:50 a.m.4 views

CVE-2024-11442

The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5AI score0.00438EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 6:39 a.m.9 views

CVE-2024-51914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...

6.5CVSS7.2AI score0.00285EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 2:42 a.m.6 views

CVE-2023-5438

The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

8.8CVSS5.9AI score0.0079EPSS
Exploits1References1
NVD
NVD
added 2024/12/12 4:15 a.m.14 views

CVE-2024-11442

The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS0.00438EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/12/12 3:23 a.m.10 views

CVE-2024-11442 Horizontal scroll image slideshow <= 10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting

The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...

6.4CVSS5.8AI score0.00438EPSS
Exploits0References3
NVD
NVD
added 2024/11/19 5:15 p.m.43 views

CVE-2024-51914

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...

6.5CVSS0.00285EPSS
Exploits0References1
CVE
CVE
added 2024/11/19 4:31 p.m.51 views

CVE-2024-51914

CVE-2024-51914: WordPress plugin drop in image slideshow gallery (pre-12.0) has a DOM-based XSS vulnerability due to improper input neutralization during page generation. Exploitation details are not provided in the documents, but CVSS notes indicate network access with low attack complexity and ...

6.5CVSS7.2AI score0.00285EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/19 4:31 p.m.36 views

CVE-2024-51914 WordPress drop in image slideshow gallery plugin <= 12.0 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...

6.5CVSS0.00285EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/11/19 12:0 a.m.7 views

PT-2024-35047 · Unknown · Drop In Image Slideshow Gallery

Name of the Vulnerable Software and Affected Versions: drop in image slideshow gallery versions prior to 12.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker could...

6.5CVSS6.5AI score0.00285EPSS
Exploits0References3
Patchstack
Patchstack
added 2024/11/08 4:57 p.m.9 views

WordPress drop in image slideshow gallery plugin <= 12.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Zlrqh Patchstack Alliance in WordPress Plugin drop in image slideshow gallery versions = 12.0...

6.5CVSS6.1AI score0.00285EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2024/11/08 12:0 a.m.18 views

WordPress drop in image slideshow gallery Plugin <= 12.0 is vulnerable to Cross Site Scripting (XSS)

Software drop in image slideshow gallery Type Plugin Vulnerable versions = 12.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51914 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a71fbc384972 Credits Zlrqh Required privilege...

6.5CVSS6.9AI score0.00285EPSS
Exploits0References1Affected Software1
Patchstack
Patchstack
added 2024/06/11 12:0 a.m.10 views

WordPress Left right image slideshow gallery Plugin <= 1.8.1 is vulnerable to SQL Injection

Software Left right image slideshow gallery Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5543 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 26f19037ceb8 Credits Krzysztof Zając Required...

8.1CVSS6.8AI score0.00486EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2023/12/19 3:9 a.m.31 views

CVE-2023-5413 Image horizontal reel scroll slideshow <= 13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode

The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

6.4CVSS5.8AI score0.00445EPSS
Exploits0References3
GithubExploit
GithubExploit
added 2023/10/31 9:26 a.m.19 views

Exploit for CVE-2023-5412

CVE-2023-5412 Image horizontal reel scroll slideshow = 13...

8.8CVSS8.3AI score0.01486EPSS
Exploits2
OSV
OSV
added 2023/10/31 9:15 a.m.2 views

CVE-2023-5438

The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...

6.5CVSS5.9AI score0.0079EPSS
Exploits1References3
OSV
OSV
added 2023/10/31 9:15 a.m.4 views

CVE-2023-5435

The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

6.5CVSS5.8AI score0.0079EPSS
Exploits1References3
OSV
OSV
added 2023/10/31 9:15 a.m.4 views

CVE-2023-5431

The Left right image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...

6.5CVSS5.9AI score0.00797EPSS
Exploits1References3
CVE
CVE
added 2023/10/31 8:32 a.m.94 views

CVE-2023-5431

CVE-2023-5431 affects the Left right image slideshow gallery WordPress plugin. The flaw is an SQL Injection via the plugin shortcode in versions

8.8CVSS6.7AI score0.00797EPSS
Exploits1References3Affected Software1
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.6 views

WordPress Plugin wp image slideshow SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...

8.8CVSS7.8AI score0.0079EPSS
Exploits1References4
CNNVD
CNNVD
added 2023/10/31 12:0 a.m.4 views

WordPress Plugin Up down image slideshow gallery SQL Injection Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...

8.8CVSS7.7AI score0.0079EPSS
Exploits1References4
Rows per page
Query Builder