Vulnerabilites related to techearty - carousel\,_slider\,_gallery_by_wp_carousel
Vulnerability from fkie_nvd
Published
2023-01-16 16:15
Modified
2024-11-21 07:35
Severity ?
Summary
The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
References
| ▼ | URL | Tags | |
|---|---|---|---|
| contact@wpscan.com | https://wpscan.com/vulnerability/389b71d6-b0e6-4e36-b9ca-9d8dab75bb0a | Exploit, Third Party Advisory | |
| af854a3a-2127-422b-91ae-364da2661108 | https://wpscan.com/vulnerability/389b71d6-b0e6-4e36-b9ca-9d8dab75bb0a | Exploit, Third Party Advisory |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| techearty | carousel\,_slider\,_gallery_by_wp_carousel | * |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:techearty:carousel\\,_slider\\,_gallery_by_wp_carousel:*:*:*:*:*:wordpress:*:*",
"matchCriteriaId": "4B033658-41DC-42C3-AE5C-37ADB16D1E03",
"versionEndExcluding": "2.5.3",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins."
},
{
"lang": "es",
"value": "El complemento Carousel, Slider, Gallery de WP Carousel de WordPress anterior a 2.5.3 no valida ni escapa algunos de sus atributos de c\u00f3digo corto antes de devolverlos a la p\u00e1gina, lo que podr\u00eda permitir a los usuarios con un rol tan bajo como colaborador realizar un ataque de cross-site scripting almacenado que podr\u00edan usarse contra usuarios con altos privilegios, como administradores."
}
],
"id": "CVE-2022-4482",
"lastModified": "2024-11-21T07:35:21.123",
"metrics": {
"cvssMetricV31": [
{
"cvssData": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"exploitabilityScore": 2.3,
"impactScore": 2.7,
"source": "nvd@nist.gov",
"type": "Primary"
}
]
},
"published": "2023-01-16T16:15:12.717",
"references": [
{
"source": "contact@wpscan.com",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/389b71d6-b0e6-4e36-b9ca-9d8dab75bb0a"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Exploit",
"Third Party Advisory"
],
"url": "https://wpscan.com/vulnerability/389b71d6-b0e6-4e36-b9ca-9d8dab75bb0a"
}
],
"sourceIdentifier": "contact@wpscan.com",
"vulnStatus": "Modified"
}
cve-2022-4482
Vulnerability from cvelistv5
Published
2023-01-16 15:37
Modified
2024-08-03 01:41
Severity ?
EPSS score ?
Summary
The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
References
| ▼ | URL | Tags |
|---|---|---|
| https://wpscan.com/vulnerability/389b71d6-b0e6-4e36-b9ca-9d8dab75bb0a | exploit, vdb-entry, technical-description |
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Unknown | Carousel, Slider, Gallery by WP Carousel |
Version: 0 < 2.5.3 |
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-03T01:41:44.749Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description",
"x_transferred"
],
"url": "https://wpscan.com/vulnerability/389b71d6-b0e6-4e36-b9ca-9d8dab75bb0a"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"collectionURL": "https://wordpress.org/plugins",
"defaultStatus": "unaffected",
"product": "Carousel, Slider, Gallery by WP Carousel",
"vendor": "Unknown",
"versions": [
{
"lessThan": "2.5.3",
"status": "affected",
"version": "0",
"versionType": "custom"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Lana Codes"
},
{
"lang": "en",
"type": "coordinator",
"value": "WPScan"
}
],
"descriptions": [
{
"lang": "en",
"value": "The Carousel, Slider, Gallery by WP Carousel WordPress plugin before 2.5.3 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "CWE-79 Cross-Site Scripting (XSS)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2023-01-16T15:37:58.516Z",
"orgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"shortName": "WPScan"
},
"references": [
{
"tags": [
"exploit",
"vdb-entry",
"technical-description"
],
"url": "https://wpscan.com/vulnerability/389b71d6-b0e6-4e36-b9ca-9d8dab75bb0a"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "Carousel, Slider, Gallery by WP Carousel \u003c 2.5.3 - Contributor+ Stored XSS",
"x_generator": {
"engine": "WPScan CVE Generator"
}
}
},
"cveMetadata": {
"assignerOrgId": "1bfdd5d7-9bf6-4a53-96ea-42e2716d7a81",
"assignerShortName": "WPScan",
"cveId": "CVE-2022-4482",
"datePublished": "2023-01-16T15:37:58.516Z",
"dateReserved": "2022-12-14T08:12:55.922Z",
"dateUpdated": "2024-08-03T01:41:44.749Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}