2 matches found
CVE-2022-4624
The CVE-2022-4624 entry concerns the WordPress plugin GS Logo Slider, affected versions prior to 3.3.8. The vulnerability arises because the plugin does not validate/escape certain shortcode attributes before output, enabling Stored XSS that can be triggered by low-privilege users (Contributor) a...
CVE-2024-7716
The CVE-2024-7716 issue affects the Logo Slider WordPress plugin (GS Logo Slider Lite) prior to version 3.6.9. The vulnerability arises because certain settings are not sanitized/escaped, enabling Stored XSS by high-privilege users (e.g., administrators), including in multisite environments where...