Filtered by vendor Majeedraza
Subscribe
Total
3 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2024-6850 | 1 Majeedraza | 1 Carousel Slider | 2024-09-27 | N/A | 4.8 MEDIUM |
| The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed | |||||
| CVE-2024-45270 | 1 Majeedraza | 1 Carousel Slider | 2024-09-04 | N/A | 4.3 MEDIUM |
| WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site. | |||||
| CVE-2024-45269 | 1 Majeedraza | 1 Carousel Slider | 2024-09-04 | N/A | 4.3 MEDIUM |
| WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logged in to the WordPress site with Carousel Slider plugin enabled, accessing a crafted page may cause a user to alter the contents of the WordPress site. | |||||