3 matches found
CVE-2023-2604
The Team Circle Image Slider With Lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the ‘searchterm’ parameter in versions up to, and including, 1.0.17 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers ...
PT-2023-20442 · WordPress · Team Circle Image Slider With Lightbox
Name of the Vulnerable Software and Affected Versions: The Team Circle Image Slider With Lightbox plugin for WordPress versions up to, and including, 1.0.17 Description: The issue is related to Reflected Cross-Site Scripting via the search term parameter due to insufficient input sanitization and...
CVE-2022-0648
The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the orderpos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting...