CVE-2023-1473

Name of the Vulnerable Software and Affected Versions The Slider, Gallery, and Carousel by MetaSlider WordPress plugin version 3.29.0

Description The issue is related to a Reflected Cross-Site Scripting that could be used against high privilege users such as admin. This occurs because the plugin does not sanitise and escape a parameter before outputting it back in the page.

Recommendations For version 3.29.0, consider updating to a newer version that addresses this issue, as the current version does not properly sanitise and escape parameters, leading to potential Cross-Site Scripting attacks. At the moment, there is no information about a newer version that contains a fix for this vulnerability.