PT-2023-21952 · WordPress · Continuous Image Carousel With Lightbox

Yuyudhn

Publicado

2023-06-22

Atualizado

2023-06-28

CVE-2023-28776

CVSS v3.1

7.1

Alta

Vetor

AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L

Name of the Vulnerable Software and Affected Versions Continuous Image Carousel With Lightbox plugin versions prior to 1.0.15

Description The issue is related to an Unauth. Reflected Cross-Site Scripting (XSS) vulnerability. This means that an attacker can inject malicious scripts into a website, potentially allowing them to steal user data or take control of the user's session.

Recommendations For versions prior to 1.0.15, update to version 1.0.15 or later to resolve the issue.

Correção

XSS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-79

Identificadores relacionados

CVE-2023-28776

Produtos afetados

Continuous Image Carousel With Lightbox

PT-2023-21952 · WordPress · Continuous Image Carousel With Lightbox

CVE-2023-28776

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 3