Vulnerabilities (CVE)

Filtered by vendor Tribulant Subscribe

Filtered by product Slideshow Gallery

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 4 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-24882	1 Tribulant	1 Slideshow Gallery	2021-11-26	3.5 LOW	4.8 MEDIUM
The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed
CVE-2018-18017	1 Tribulant	1 Slideshow Gallery	2019-04-16	4.3 MEDIUM	6.1 MEDIUM
XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter.
CVE-2018-18019	1 Tribulant	1 Slideshow Gallery	2019-04-16	4.3 MEDIUM	6.1 MEDIUM
XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter.
CVE-2018-17946	1 Tribulant	1 Slideshow Gallery	2018-11-16	4.3 MEDIUM	6.1 MEDIUM
The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter.