Image Horizontal Reel Scroll Slideshow
by Gopiplus
Source repositories
CVEs (3)
| CVE | Vendor / Product | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2023-5412 | Hig | 0.50 | 8.8 | 0.01 | Oct 31, 2023 | The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL… | ||
| CVE-2024-52492 | Med | 0.38 | 5.9 | 0.00 | Dec 2, 2024 | Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Image horizontal reel scroll slideshow image-horizontal-reel-scroll-slideshow allows Stored XSS.This issue affects Image horizontal reel scroll slideshow: from n/a… | ||
| CVE-2023-5413 | Med | 0.35 | 6.4 | 0.00 | Dec 19, 2023 | The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it… |
- risk 0.50cvss 8.8epss 0.01
The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to SQL Injection via the plugin's shortcode in versions up to, and including, 13.2 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL…
- risk 0.38cvss 5.9epss 0.00
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in gopiplus Image horizontal reel scroll slideshow image-horizontal-reel-scroll-slideshow allows Stored XSS.This issue affects Image horizontal reel scroll slideshow: from n/a…
- risk 0.35cvss 6.4epss 0.00
The Image horizontal reel scroll slideshow plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'ihrss-gallery' shortcode in versions up to, and including, 13.3 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it…