← Back

Logo Showcase With Slick Slider

logo_showcase_with_slick_slider

Vendor: Infornweb • 3 CVEs

CVEs (3)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2021-24913
1Infornweb
1Logo Showcase With Slick Slider
Nov 21, 2024
Feb 28, 2022
N/A· v4
4.3 MEDIUM· v3
4.3 MEDIUM· v2
The Logo Showcase with Slick Slider WordPress plugin before 2.0.1 does not have CSRF check in the lswss_save_attachment_data AJAX action, allowing attackers to make a logged in high privilege user, change title, descript...Show more
The Logo Showcase with Slick Slider WordPress plugin before 2.0.1 does not have CSRF check in the lswss_save_attachment_data AJAX action, allowing attackers to make a logged in high privilege user, change title, description, alt text, and URL of arbitrary uploaded media.Show less
CVE-2021-24730
1Infornweb
1Logo Showcase With Slick Slider
Nov 21, 2024
Feb 28, 2022
N/A· v4
4.3 MEDIUM· v3
4.0 MEDIUM· v2
The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and authorisation checks in the lswss_save_attachment_data AJAX action, allowing any authenticated users, such as Subscriber, to change...Show more
The Logo Showcase with Slick Slider WordPress plugin before 1.2.5 does not have CSRF and authorisation checks in the lswss_save_attachment_data AJAX action, allowing any authenticated users, such as Subscriber, to change title, description, alt text, and URL of arbitrary uploaded media.Show less
CVE-2021-24729
1Infornweb
1Logo Showcase With Slick Slider
Nov 21, 2024
Nov 23, 2021
N/A· v4
5.4 MEDIUM· v3
3.5 LOW· v2
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata...Show more
The Logo Showcase with Slick Slider WordPress plugin before 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase.Show less