Crelly Slider Project

Crelly Slider

4 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.8

CVE-2024-13116

Exploit
  • EPSS 0.03%
  • Veröffentlicht 27.01.2025 06:15:23
  • Zuletzt bearbeitet 13.05.2025 21:07:09

The Crelly Slider WordPress plugin before 1.4.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disallo...

5.4

CVE-2024-3752

Exploit
  • EPSS 0.39%
  • Veröffentlicht 06.05.2024 06:15:07
  • Zuletzt bearbeitet 08.05.2025 16:41:00

The Crelly Slider WordPress plugin through 1.4.5 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfiltered_html capability is disall...

4.3

CVE-2024-33542

  • EPSS 0.13%
  • Veröffentlicht 29.04.2024 06:15:10
  • Zuletzt bearbeitet 29.09.2025 22:21:36

Authorization Bypass Through User-Controlled Key vulnerability in Fabio Rinaldi Crelly Slider.This issue affects Crelly Slider: from n/a through 1.4.5.

8.8

CVE-2019-15866

Exploit
  • EPSS 0.46%
  • Veröffentlicht 03.09.2019 12:15:11
  • Zuletzt bearbeitet 21.11.2024 04:29:38

The crelly-slider plugin before 1.3.5 for WordPress has arbitrary file upload via a PHP file inside a ZIP archive to wp_ajax_crellyslider_importSlider.