3 matches found
CVE-2022-0648
CVE-2022-0648 concerns the WordPress plugin “Team Circle Image Slider With Lightbox” (before version 1.0.16). The vulnerability arises because the plugin does not sanitize and escape the order_pos parameter before outputting it back in an admin page, enabling a reflected Cross-Site Scripting (XSS...
CVE-2023-2604
CVE-2023-2604 affects the WordPress plugin
CVE-2015-10130
CVE-2015-10130 pertains to the WordPress plugin Team Circle Image Slider With Lightbox (version 1.0). The issue is a Cross-Site Request Forgery (CSRF) flaw caused by missing/incorrect nonce validation in the function circle_thumbnail_slider_with_lightbox_image_management_func() . This can allow u...