Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Majeedraza Subscribe
Filtered by product Carousel Slider
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-6850 1 Majeedraza 1 Carousel Slider 2024-09-27 N/A 4.8 MEDIUM
The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed
CVE-2024-45270 1 Majeedraza 1 Carousel Slider 2024-09-04 N/A 4.3 MEDIUM
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site.
CVE-2024-45269 1 Majeedraza 1 Carousel Slider 2024-09-04 N/A 4.3 MEDIUM
WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site.