CVE-2019-25212
- EPSS 1%
- Veröffentlicht 11.09.2024 09:15:01
- Zuletzt bearbeitet 26.09.2024 13:36:48
The video carousel slider with lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.6 due to insufficient escaping on the user supplied parameter and lack of sufficient preparat...
CVE-2023-5945
- EPSS 0.05%
- Veröffentlicht 03.11.2023 13:15:08
- Zuletzt bearbeitet 21.11.2024 08:42:50
The video carousel slider with lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in version 1.0. This is due to missing or incorrect nonce validation on the responsive_video_gallery_with_lightbox_video_management_func() functi...
CVE-2023-32797
- EPSS 0.05%
- Veröffentlicht 25.08.2023 12:15:08
- Zuletzt bearbeitet 21.11.2024 08:04:02
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution video carousel slider with lightbox plugin <= 1.0.22 versions.
CVE-2023-2710
- EPSS 0.48%
- Veröffentlicht 16.05.2023 03:15:09
- Zuletzt bearbeitet 21.11.2024 07:59:08
The video carousel slider with lightbox plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the search_term parameter in versions up to, and including, 1.0.22 due to insufficient input sanitization and output escaping. This make...