Thumbnail Carousel Slider Security Vulnerabilities and Issues — Thumbnail Carousel Slider CVE List

Lucene search

I13websolutionThumbnail Carousel Slider

3 matches found

CVE•added 2023/10/27 12:15 p.m.•81 views

CVE-2023-5821

The Thumbnail carousel slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing nonce validation on the deleteselected function. This makes it possible for unauthenticated attackers to delete sliders in bulk via a forged request granted they can...

6.5CVSS6.4AI score0.00091EPSS

CVE•added 2023/05/15 1:15 p.m.•69 views

CVE-2023-1915

The Thumbnail carousel slider WordPress plugin before 1.1.10 does not sanitise and escape some parameters before outputting them back in pages, leading to Reflected Cross-Site Scripting vulnerability which could be used against high privilege users such as admin.

6.1CVSS6AI score0.00102EPSS

CVE•added 2023/04/18 2:15 a.m.•34 views

CVE-2023-2120

The Thumbnail carousel slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.1.9 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitra...

6.1CVSS6.4AI score0.00571EPSS