1 results (0.000 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

The Sliderby10Web WordPress plugin before 1.2.52 does not properly sanitize and escape some of its settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when unfiltered_html is disallowed El plugin Sliderby10Web de WordPress versiones anteriores a 1.2.52 no sanea ni escapa correctamente de algunos de sus parámetros, lo que podría permitir a los usuarios con altos privilegios, como los administradores, llevar a cabo ataques de Cross-Site Scripting incluso cuando unfiltered_html no está permitido • https://wpscan.com/vulnerability/43581d6b-333a-48d9-a1ae-b9479da8ff87 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •