WordPress WP TripAdvisor Review Slider <10.8 - Authenticated SQL Injection

WordPress WP TripAdvisor Review Slider plugin before 10.8 is susceptible to authenticated SQL injection. The plugin does not properly sanitize and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber. This can lead...

CVE-2026-32490

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP TripAdvisor Review Slider wp-tripadvisor-review-slider allows Stored XSS.This issue affects WP TripAdvisor Review Slider: from n/a through = 14.1...

EUVD-2024-35391

Malicious code in bioql PyPI...

CVE-2024-35630

Improper Neutralization of Special Elements used in an SQL Command 'SQL Injection' vulnerability in LJ Apps WP TripAdvisor Review Slider allows Blind SQL Injection.This issue affects WP TripAdvisor Review Slider: from n/a through 12.6...

CVE-2023-6037

The WP TripAdvisor Review Slider WordPress plugin before 11.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-6037 WP TripAdvisor Review Slider < 11.9 - Admin+ Stored XSS

The WP TripAdvisor Review Slider WordPress plugin before 11.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example in multisite setup...

CVE-2023-6037

CVE-2023-6037 affects the WordPress plugin WP TripAdvisor Review Slider up to version 11.9. The flaw arises because the plugin does not sanitize and escape certain settings, enabling Stored Cross-Site Scripting by high-privilege users (e.g., admin), even when the unfiltered_html capability is dis...

CVE-2023-0261

The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...

Sql injection

The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...

CVE-2023-0261 WP TripAdvisor Review Slider < 10.8 - Subscriber+ SQLi

The WP TripAdvisor Review Slider WordPress plugin before 10.8 does not properly sanitise and escape a parameter before using it in a SQL statement, leading to a SQL injection exploitable by users with a role as low as subscriber...

CVE-2023-0261

The CVE-2023-0261 entry concerns the WordPress plugin WP TripAdvisor Review Slider versions before 10.8. The vulnerability is an authenticated SQL injection caused by improper sanitization/escaping of a parameter before it is interpolated into a SQL statement, exploitable by users with a role as ...

PT-2023-16121 · WordPress · Wp Tripadvisor Review Slider

Name of the Vulnerable Software and Affected Versions: WP TripAdvisor Review Slider WordPress plugin versions prior to 10.8 Description: The issue arises from improper sanitization and escaping of a parameter before its use in a SQL statement, resulting in a SQL injection that can be exploited by...