Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
The Logo Slider WordPress plugin before 3.6.9 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks ev
The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo Settings when outputing them in pages where the Logo Slider shortcode is embed, which could allow users wit
The Logo Slider WordPress plugin before 4.5.0 does not sanitise and escape some of its Logo and Slider settings, which could allow high privilege users such as Contributor to perform Stored Cross-Sit
The Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt text in all versions up to, and including
The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attac
The Slider by 10Web WordPress plugin before 1.2.62 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attac
The Slider by 10Web WordPress plugin before 1.2.59 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attac
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Store
The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even
The Slider by 10Web WordPress plugin before 1.2.57 does not sanitise and escape its Slider Title, which could allow high privilege users such as editors and above to perform Cross-Site Scripting atta
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stor
The Logo Slider WordPress plugin before 4.9.0 does not validate and escape some of its slider options before outputting them back in the dashboard, which could allow users with the contributor role a
The Master Slider WordPress plugin before 3.10.5 does not sanitise and escape some of its settings, which could allow high privilege users such as Editor and above to perform Stored Cross-Site Script
The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks e
The Logo Slider WordPress plugin before 4.6.0 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow
The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.9 does not sanitise and escape some of its Image settings, which could allow high privilege users such as Admin to perform Store
The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and
The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.3 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cros
The Photo Gallery, Sliders, Proofing and WordPress plugin before 3.59.5 does not sanitise and escape some of its Images settings, which could allow high privilege users such as Admin to perform Stor
The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.7.4 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cr
Page 1+ Next →