Vendor
Tribulant
Products
3
CVEs
6
Across products
12
Status
Private
Products
3- 7 CVEs
- 3 CVEs
- 2 CVEs
Recent CVEs
6| CVE | Sev | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-28491 | Med | 0.44 | 6.7 | 0.00 | Dec 20, 2023 | Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6. | |
| CVE-2023-30478 | Med | 0.35 | 5.4 | 0.00 | Nov 10, 2023 | Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters plugin <= 4.8.8 versions. | |
| CVE-2024-31353 | Med | 0.34 | 5.3 | 0.00 | Apr 10, 2024 | Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | |
| CVE-2014-5460 | 0.08 | — | 0.65 | Sep 11, 2014 | Unrestricted file upload vulnerability in the Tribulant Slideshow Gallery plugin before 1.4.7 for WordPress allows remote authenticated users to execute arbitrary code by uploading a PHP file, then accessing it via a direct request to the file in wp-content/uploads/slideshow-gallery/. | ||
| CVE-2024-37227 | 0.00 | — | 0.00 | Jun 21, 2024 | Cross Site Request Forgery (CSRF) vulnerability in Tribulant Newsletters.This issue affects Newsletters: from n/a through 4.9.7. | ||
| CVE-2024-35718 | 0.00 | — | 0.00 | Jun 8, 2024 | Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.5. |