Shapedplugin Carousel, Slider, Photo Gallery With Lightbox, Video Slider, By Wp Carousel
4 CVEs affecting Shapedplugin Carousel, Slider, Photo Gallery With Lightbox, Video Slider, By Wp Carousel. Latest disclosed: 2026-05-05. Critical: 0, High: 1.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2024-3020 | High | 7.2 | 2024-04-10 | The plugin is vulnerable to PHP Object Injection in versions up to and including, 2.6.3 via deserialization of untrusted input in the import function via the '… |
CVE-2026-4665 | Medium | 6.4 | 2026-05-05 | The WP Carousel Free plugin for WordPress is vulnerable to Stored Cross-Site Scripting via crafted fancybox `data-caption` attributes in all versions up to, an… |
CVE-2024-5020 | Medium | 6.4 | 2024-12-04 | Multiple plugins for WordPress are vulnerable to Stored Cross-Site Scripting via the plugin's bundled FancyBox JavaScript library (versions 1.3.4 to 3.5.7) in… |
CVE-2024-2949 | Medium | 6.4 | 2024-04-06 | The Carousel, Slider, Gallery by WP Carousel – Image Carousel & Photo Gallery, Post Carousel & Post Grid, Product Carousel & Product Grid for WooCommerce plugi… |