Vulnerabilities (CVE)

Filtered by vendor Tribulant Subscribe

Filtered by product Slideshow Gallery

Total 7 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2024-31353	1 Tribulant	1 Slideshow Gallery	2024-04-19	N/A	5.3 MEDIUM
Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8.
CVE-2023-28491	1 Tribulant	1 Slideshow Gallery	2024-02-05	N/A	7.2 HIGH
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6.
CVE-2021-24882	1 Tribulant	1 Slideshow Gallery	2024-02-04	3.5 LOW	4.8 MEDIUM
The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
CVE-2018-18018	1 Tribulant	1 Slideshow Gallery	2024-02-04	7.5 HIGH	9.8 CRITICAL
SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.
CVE-2018-18017	1 Tribulant	1 Slideshow Gallery	2024-02-04	4.3 MEDIUM	6.1 MEDIUM
XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.
CVE-2018-18019	1 Tribulant	1 Slideshow Gallery	2024-02-04	4.3 MEDIUM	6.1 MEDIUM
XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter.
CVE-2018-17946	1 Tribulant	1 Slideshow Gallery	2024-02-04	4.3 MEDIUM	6.1 MEDIUM
The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter.