RSS   Podatności dla 'Logo carousel'   RSS

2021-12-21
 
CVE-2021-24738

CWE-79
 

 
The Logo Carousel WordPress plugin before 3.4.2 does not validate and escape the "Logo Margin" carousel option, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks

 
 
CVE-2021-24739

CWE-285
 

 
The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature

 


Copyright 2024, cxsecurity.com

 

Back to Top