43 matches found
CVE-2024-11442
The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-51914
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...
CVE-2023-5438
The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2024-11442
The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-11442 Horizontal scroll image slideshow <= 10.1 - Authenticated (Contributor+) Stored Cross-Site Scripting
The Horizontal scroll image slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'horizontal-scroll-image-slideshow' shortcode in all versions up to, and including, 10.1 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2024-51914
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...
CVE-2024-51914
CVE-2024-51914: WordPress plugin drop in image slideshow gallery (pre-12.0) has a DOM-based XSS vulnerability due to improper input neutralization during page generation. Exploitation details are not provided in the documents, but CVSS notes indicate network access with low attack complexity and ...
CVE-2024-51914 WordPress drop in image slideshow gallery plugin <= 12.0 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in gopiplus drop in image slideshow gallery drop-in-image-slideshow-gallery allows DOM-Based XSS.This issue affects drop in image slideshow gallery: from n/a through = 12.0...
PT-2024-35047 · Unknown · Drop In Image Slideshow Gallery
Name of the Vulnerable Software and Affected Versions: drop in image slideshow gallery versions prior to 12.0 Description: The issue is related to improper neutralization of input during web page generation, which allows for DOM-Based Cross-site Scripting XSS. This means that an attacker could...
WordPress drop in image slideshow gallery plugin <= 12.0 - Cross Site Scripting (XSS) vulnerability
Cross Site Scripting XSS vulnerability discovered by Zlrqh Patchstack Alliance in WordPress Plugin drop in image slideshow gallery versions = 12.0...
WordPress drop in image slideshow gallery Plugin <= 12.0 is vulnerable to Cross Site Scripting (XSS)
Software drop in image slideshow gallery Type Plugin Vulnerable versions = 12.0 Fixed in N/A OWASP Top 10 A3: Injection Classification Cross Site Scripting XSS CVE CVE-2024-51914 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID a71fbc384972 Credits Zlrqh Required privilege...
WordPress Left right image slideshow gallery Plugin <= 1.8.1 is vulnerable to SQL Injection
Software Left right image slideshow gallery Type Plugin Vulnerable versions = 1.8.1 Fixed in 1.8.2 OWASP Top 10 A1: Injection Classification SQL Injection CVE CVE-2024-5543 Patch priority Low CVSS severity Low 8.5 Developer Claim ownership PSID 26f19037ceb8 Credits Krzysztof Zając Required...
CVE-2023-5413 Image horizontal reel scroll slideshow <= 13.3 - Authenticated (Contributor+) Stored Cross-Site Scripting via Shortcode
The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...
Exploit for CVE-2023-5412
CVE-2023-5412 Image horizontal reel scroll slideshow = 13...
CVE-2023-5438
The wp image slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possible for...
CVE-2023-5435
The Up down image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...
CVE-2023-5431
The Left right image slideshow gallery plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 12.0 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it...
CVE-2023-5431
CVE-2023-5431 affects the Left right image slideshow gallery WordPress plugin. The flaw is an SQL Injection via the plugin shortcode in versions
WordPress Plugin wp image slideshow SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A SQL injection vulnerability exists in...
WordPress Plugin Up down image slideshow gallery SQL Injection Vulnerability
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress is a blogging platform developed in the PHP language that supports personal blogs on PHP and MySQL servers.WordPress plugin is an application...