WordPress Plugin Vulnerabilities
Content text slider on post < 6.9 - Authenticated Stored Cross-Site Scripting (XSS)
Description
The plugin does not sanitise and escape the Title and Message/Content settings, which could lead to Cross-Site Scripting issues
Affects Plugins
References
Classification
Type
XSS
OWASP top 10
CWE
CVSS
Miscellaneous
Original Researcher
ALIREZA_PROMIS
Submitter
Ryan
Verified
Yes
WPVDB ID
Timeline
Publicly Published
2015-12-22 (about 8 years ago)
Added
2021-08-12 (about 2 years ago)
Last Updated
2022-04-12 (about 2 years ago)