WordPress Logo Showcase with Slick Slider plugin <= 1.2.3 - Stored Cross-Site Scripting (XSS) vulnerability

2021-10-1900:00:00

apple502j

patchstack.com

wordpress

logo showcase

slick slider

cross-site scripting

xss

vulnerability

update

EPSS

0.001

Percentile

24.8%

Stored Cross-Site Scripting (XSS) vulnerability discovered by apple502j in WordPress Logo Showcase with Slick Slider plugin (versions <= 1.2.3).

Solution

           Update the WordPress Logo Showcase with Slick Slider plugin to the latest available version (at least 1.2.4).

cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-24729

wordpress.org/plugins/logo-showcase-with-slick-slider/#developers

wpscan.com/vulnerability/5d70818e-730d-40c9-a2db-652052a5fd5c

EPSS

0.001

Percentile

24.8%

Related for PATCHSTACK:EA28BBBDA51A3353DC68FAB6E35572FF