← Back

Kiwi Logo Carousel

kiwi-logo-carousel

Vendor: Kiwi Logo Carousel Project • 1 CVE

CVEs (1)

CVE
VENDORS
PRODUCTS
UPDATED
PUBLISHED
CVSS
CVE-2015-9434
1Kiwi Logo Carousel Project
1Kiwi Logo Carousel
Nov 21, 2024
Sep 26, 2019
N/A· v4
6.5 MEDIUM· v3
4.3 MEDIUM· v2
The kiwi-logo-carousel plugin before 1.7.2 for WordPress has CSRF with resultant XSS via the wp-admin/edit.php?post_type=kwlogos&page=kwlogos_settings tab or tab_flags_order parameter.