3 matches found
CVE-2021-24300
CVE-2021-24300 affects the PickPlugins Product Slider for WooCommerce WordPress plugin (before 1.13.22). The issue is a reflected XSS vulnerability in the slider import search feature caused by improper sanitization of the keyword GET parameter. Several connected sources (NVD entry, Nuclei templa...
CVE-2023-0166
The CVE refers to the WordPress plugin Product Slider for WooCommerce by PickPlugins, affected in versions prior to 1.13.42. The vulnerability arises because certain shortcode attributes are not validated or escaped before being output in a page or post, enabling Stored Cross-Site Scripting when ...
CVE-2024-45459
CVE-2024-45459 concerns the WordPress plugin Product Slider for WooCommerce by PickPlugins, affected versions 1.13.50 and earlier. The issue is a Reflected Cross-Site Scripting (XSS) vulnerability arising from improper input neutralization during web page generation, enabling attacker-supplied sc...