CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

15 matches found

Patchstack•added 2024/10/01 2:0 p.m.•1 views

WordPress XO Slider plugin <= 3.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting vulnerability discovered by Francesco Carlucci in WordPress Plugin XO Slider versions = 3.8.6...

6.4CVSS5.7AI score0.0043EPSS

Exploits0References1Affected Software1

NVD•added 2024/10/01 9:15 a.m.•6 views

CVE-2024-8324

The XO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘getslider’ function in all versions up to, and including, 3.8.6 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access an...

6.4CVSS0.0043EPSS

Exploits0References3

Vulnrichment•added 2024/10/01 8:30 a.m.•7 views

CVE-2024-8324 XO Slider <= 3.8.6 - Authenticated (Contributor+) Stored Cross-Site Scripting

6.4CVSS5.8AI score0.0043EPSS

Exploits0References3

CNNVD•added 2024/10/01 12:0 a.m.•1 views

WordPress plugin XO Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plug-in. A cross-site...

6.4CVSS5.9AI score0.0043EPSS

Exploits0References4

Patchstack•added 2024/10/01 12:0 a.m.•8 views

WordPress XO Slider Plugin <= 3.8.6 is vulnerable to Cross Site Scripting (XSS)

Software XO Slider Type Plugin Vulnerable versions = 3.8.6 Fixed in N/A OWASP Top 10 A7: Cross-Site Scripting XSS Classification Cross Site Scripting XSS CVE CVE-2024-8324 Patch priority Low CVSS severity Low 6.5 Developer Claim ownership PSID 959a1f9fef5b Credits Francesco Carlucci Required...

6.4CVSS5.8AI score0.0043EPSS

Exploits0References2Affected Software1

Positive Technologies•added 2024/10/01 12:0 a.m.•1 views

PT-2024-38939 · WordPress · Xo Slider

Name of the Vulnerable Software and Affected Versions: XO Slider plugin for WordPress versions up to, and including, 3.8.6 Description: The issue is related to Stored Cross-Site Scripting via the get slider function due to insufficient input sanitization and output escaping. This allows...

6.4CVSS6.5AI score0.0043EPSS

Exploits0References8

OSV•added 2022/06/15 8:15 p.m.•1 views

CVE-2022-32280

Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerability in Xakuro's XO Slider plugin = 3.3.2 at WordPress...

5.4CVSS5.8AI score

Exploits0References2

Prion•added 2022/06/15 8:15 p.m.•11 views

Cross site scripting

Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerability in Xakuro's XO Slider plugin = 3.3.2 at WordPress...

3.5CVSS5.2AI score0.0022EPSS

Exploits0References2Affected Software1

Cvelist•added 2022/06/15 7:54 p.m.•16 views

CVE-2022-32280 WordPress XO Slider plugin <= 3.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerability in Xakuro's XO Slider plugin = 3.3.2 at WordPress...

5.4CVSS5.4AI score0.0022EPSS

Exploits0References2

CVE•added 2022/06/15 7:54 p.m.•74 views

CVE-2022-32280

The CVE-2022-32280 entry concerns WordPress XO Slider plugin versions

5.4CVSS5.2AI score0.0022EPSS

Exploits0References2Affected Software1

Vulnrichment•added 2022/06/15 7:54 p.m.•6 views

CVE-2022-32280 WordPress XO Slider plugin <= 3.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerability in Xakuro's XO Slider plugin = 3.3.2 at WordPress...

5.4CVSS5.2AI score0.0022EPSS

Exploits0References2

CNNVD•added 2022/06/15 12:0 a.m.•1 views

WordPress plugin XO Slider 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...

5.4CVSS5.5AI score0.0022EPSS

Exploits0References3

ATTACKERKB•added 2022/06/14 1:31 p.m.•2 views

CVE-2022-32280

Authenticated contributor or higher user role Stored Cross-Site Scripting XSS vulnerability in Xakuro's XO Slider plugin = 3.3.2 at WordPress...

5.4CVSS5.6AI score0.0022EPSS

Exploits0References3Affected Software1

Patchstack•added 2022/06/14 12:0 a.m.•27 views

WordPress XO Slider plugin <= 3.3.2 - Authenticated Stored Cross-Site Scripting (XSS) vulnerability

Authenticated Stored Cross-Site Scripting XSS vulnerability discovered by Ngo Van Thien Patchstack Alliance in WordPress XO Slider plugin versions = 3.3.2. Solution Update the WordPress XO Slider plugin to the latest available version at least 3.3.3...

5.4CVSS2.9AI score0.0022EPSS

Exploits0Affected Software1

WPVulnDB•added 2022/06/14 12:0 a.m.•21 views

XO Slider < 3.3.3 - Contributor+ Stored Cross-Site Scripting

The plugin does not sanitise and escape some of its Slider fields, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks...

5.4CVSS3AI score0.0022EPSS

Exploits0Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by