CVE Search Engine - Security Vulnerabilities and Exploits Search Tool | Vulners.com

🔥 Daily Hot!

💪🏽 CPE Enhanced Advisories

🕶 Shadow Exploits

🕵🏼 Vulners CPE

🔐 Security news

💻 Exploit updates

📑 Blogs review

🐧 Linux vulnerabilities

🤖 AI High Score

show all

7 matches found

RedhatCVE•added 2026/03/26 3:10 p.m.•1 views

CVE-2026-1275

The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...

6.4CVSS6AI score0.00043EPSS

Exploits0References1

Patchstack•added 2026/03/23 7:31 p.m.•3 views

WordPress Multi Post Carousel by Category plugin <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'slides' Shortcode Attribute vulnerability discovered by zaim in WordPress Plugin Multi Post Carousel by Category versions = 1.4...

6.4CVSS5.8AI score0.00043EPSS

Exploits0References1Affected Software1

EUVD•added 2026/03/21 6:30 a.m.•1 views

EUVD-2026-14171

The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...

6.4CVSS6AI score0.00043EPSS

Exploits0References4

Vulnrichment•added 2026/03/21 3:26 a.m.•0 views

CVE-2026-1275 Multi Post Carousel by Category <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute

The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...

6.4CVSS6AI score0.00043EPSS

Exploits0References3

ATTACKERKB•added 2026/03/21 3:26 a.m.•0 views

CVE-2026-1275

The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...

6.4CVSS6AI score0.00043EPSS

Exploits0References4

Cvelist•added 2026/03/21 3:26 a.m.•25 views

CVE-2026-1275 Multi Post Carousel by Category <= 1.4 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'slides' Shortcode Attribute

The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...

6.4CVSS0.00043EPSS

Exploits0References3

Positive Technologies•added 2026/03/21 12:0 a.m.•2 views

PT-2026-26803

The Multi Post Carousel by Category plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slides' shortcode attribute in all versions up to, and including, 1.4. This is due to insufficient input sanitization and output escaping on the user-supplied 'slides' parameter in the...

6.4CVSS6AI score0.00043EPSS

Exploits0References4

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by