Majeedraza Carousel_slider
7 CVEs affecting Majeedraza Carousel_slider. Latest disclosed: 2024-12-13. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-4372 | Medium | 5.4 | 2024-05-21 | The Carousel Slider WordPress plugin before 2.2.11 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perfor… |
CVE-2023-41848 | Medium | 5.3 | 2024-12-13 | Missing Authorization vulnerability in Majeed Raza Carousel Slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects C… |
CVE-2024-6850 | Medium | 4.8 | 2024-09-13 | The Carousel Slider WordPress plugin before 2.2.4 does not sanitise and escape some of its settings, which could allow high privilege users such as editors to… |
CVE-2024-3703 | Medium | 4.7 | 2024-05-03 | The Carousel Slider WordPress plugin before 2.2.10 does not validate and escape some of its Slide options before outputting them back in the page/post where th… |
CVE-2024-1712 | Medium | 4.7 | 2024-04-15 | The Carousel Slider WordPress plugin before 2.2.7 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to pe… |
CVE-2024-45270 | Medium | 4.3 | 2024-09-02 | WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Hero image selection feature. While logged i… |
CVE-2024-45269 | Medium | 4.3 | 2024-09-02 | WordPress plugin "Carousel Slider" provided by Sayful Islam contains a cross-site request forgery vulnerability on Carousel image selection feature. While logg… |