2 matches found
CVE-2021-24739
CVE-2021-24739 involves the WordPress Logo Carousel plugin prior to 3.4.2. Affected: Logo Carousel WordPress plugin versions before 3.4.2. Issue: an authorization flaw allowing users with a role as low as Contributor to duplicate and view arbitrary private posts via the Carousel Duplication feature. R...
CVE-2021-24738
The CVE-2021-24738 entry concerns the WordPress Logo Carousel plugin prior to version 3.4.2. The vulnerability arises from a failure to validate and escape the “Logo Margin” option, enabling Stored Cross-Site Scripting (XSS) by users with as little as Contributor privileges. The issue is confirme...