Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.4
CVE-2024-12073
- EPSS 0.22%
- Veröffentlicht 07.01.2025 06:15:15
- Zuletzt bearbeitet 05.06.2025 15:41:59
The Meteor Slides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'slide_url_value' parameter in all versions up to, and including, 1.5.7 due to insufficient input sanitization and output escaping. This makes it possible for...
5.9
CVE-2024-52493
- EPSS 0.05%
- Veröffentlicht 02.12.2024 14:15:10
- Zuletzt bearbeitet 09.06.2025 20:38:55
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Josh Leuze Meteor Slides allows Stored XSS.This issue affects Meteor Slides: from n/a through 1.5.7.
5.4
CVE-2022-4486
- EPSS 0.25%
- Veröffentlicht 16.01.2023 16:15:12
- Zuletzt bearbeitet 07.04.2025 18:15:44
The Meteor Slides WordPress plugin before 1.5.7 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting at...
1