VYPR

Slickstream: Engagement and Conversions

by WordPress

CVEs (1)

  • CVE-2024-10179MedNov 12, 2024
    risk 0.35cvss 6.4epss 0.00

    The Slickstream: Engagement and Conversions plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slick-grid shortcode in all versions up to, and including, 1.4.4 due to insufficient input sanitization and output escaping on user supplied attributes.…