CVE-2023-0660

Name of the Vulnerable Software and Affected Versions Smart Slider 3 versions prior to 3.5.1.14

Description The issue arises from the improper validation and escaping of some shortcode attributes in the Smart Slider 3 WordPress plugin, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks. This affects users with the contributor role and above.

Recommendations For versions prior to 3.5.1.14, update to version 3.5.1.14 or later to resolve the issue. As a temporary workaround, consider restricting the use of shortcode attributes to minimize the risk of exploitation.