Page 6 of 26 results (0.003 seconds)
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 1CVE-2018-20368 – Master Slider <= 3.7.0 - Authenticated Stored Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2018-20368
The Master Slider plugin 3.2.7 and 3.5.1 for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback. El plugin Master Slider, en versiones 3.2.7 y 3.5.1 para WordPress, tiene Cross-Site Scripting (XSS) mediante el campo de entrada Name en wp-admin/admin-ajax.php del valor MSPanel.Settings en Callback. The Master Slider plugin for WordPress has XSS via the wp-admin/admin-ajax.php Name input field of the MSPanel.Settings value on Callback. • https://www.vulnerability-lab.com/get_content.php?id=2158 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •