Unrated severityNVD Advisory· Published Oct 17, 2024· Updated Oct 17, 2024

Logo Slider < 4.1.0 - Contributor+ Stored XSS

CVE-2024-5429

Description

The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

Affected products

Unknown/Logo Sliderv5
Range: 0

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

wpscan.com/vulnerability/ddb76c88-aeca-42df-830e-abffd29f1141/mitreexploitvdb-entrytechnical-description

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000