Logo Carousel
by WordPress
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2021-24739 | Hig | 0.53 | 8.1 | 0.01 | Dec 21, 2021 | The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature | ||
| CVE-2024-47631 | Med | 0.42 | 6.5 | 0.00 | Oct 5, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Logo Carousel – Clients logo carousel for WP responsive-client-logo-carousel-slider allows Stored XSS.This issue affects Logo Carousel – Clients logo carousel for… | ||
| CVE-2021-24738 | Med | 0.35 | 5.4 | 0.01 | Dec 21, 2021 | The Logo Carousel WordPress plugin before 3.4.2 does not validate and escape the "Logo Margin" carousel option, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks |
- risk 0.53cvss 8.1epss 0.01
The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature
- risk 0.42cvss 6.5epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in bPlugins Logo Carousel – Clients logo carousel for WP responsive-client-logo-carousel-slider allows Stored XSS.This issue affects Logo Carousel – Clients logo carousel for…
- risk 0.35cvss 5.4epss 0.01
The Logo Carousel WordPress plugin before 3.4.2 does not validate and escape the "Logo Margin" carousel option, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks