Slideshow Gallery Security Vulnerabilities and Issues — Slideshow Gallery CVE List

Lucene search

TribulantSlideshow Gallery

11 matches found

CVE•added 2024/04/10 4:15 p.m.•57 views

CVE-2024-31353

Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8.

5.3CVSS9.3AI score0.00294EPSS

CVE•added 2024/04/10 5:15 p.m.•45 views

CVE-2024-31355

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8.

8.5CVSS9.7AI score0.00244EPSS

CVE•added 2024/04/12 1:15 p.m.•44 views

CVE-2024-31354

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8.

4.3CVSS9.2AI score0.0007EPSS

CVE•added 2024/10/05 4:15 p.m.•38 views

CVE-2024-47376

Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Slideshow Gallery allows Stored XSS.This issue affects Slideshow Gallery: from n/a through 1.8.3.

5.9CVSS6.1AI score0.00063EPSS

CVE•added 2019/04/15 9:29 p.m.•37 views

CVE-2018-18017

XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.

6.1CVSS6.6AI score0.0021EPSS

CVE•added 2019/04/15 9:29 p.m.•36 views

CVE-2018-18018

SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.

9.8CVSS9.9AI score0.00546EPSS

CVE•added 2021/11/23 8:15 p.m.•36 views

CVE-2021-24882

The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed

4.8CVSS4.8AI score0.00206EPSS

CVE•added 2019/04/15 9:29 p.m.•34 views

CVE-2018-18019

XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter.

6.1CVSS6.6AI score0.0023EPSS

CVE•added 2018/10/03 8:29 a.m.•32 views

CVE-2018-17946

The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter.

6.1CVSS6AI score0.0021EPSS

CVE•added 2023/12/20 6:15 p.m.•30 views

CVE-2023-28491

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6.

7.2CVSS7.1AI score0.00141EPSS

CVE•added 2023/11/12 10:15 p.m.•27 views

CVE-2023-28497

Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin

8.8CVSS7.2AI score0.00051EPSS