1 results (0.007 seconds)
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2
CVSS: 6.1EPSS: 0%CPEs: 1EXPL: 2CVE-2024-5729 – Simple AL Slider <= 1.2.10 - Reflected XSS
https://notcve.org/view.php?id=CVE-2024-5729
07 Jun 2024 — The Simple AL Slider WordPress plugin through 1.2.10 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin El complemento Simple AL Slider de WordPress hasta la versión 1.2.10 no sanitiza ni escapa un parámetro antes de devolverlo a la página, lo que genera Cross-Site Scripting Reflejado que podría usarse contra usuarios con altos privilegios, como el administrador. The Simple... • https://packetstorm.news/files/id/189004 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •