CVEDB API

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0280

The Ultimate Carousel For Elementor WordPress plugin through 2.1.7 does not validate and escape some of its block options before outputting them back in a page/post where the block is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.001

EPSS Ranking 31.5%

CVSS Severity

CVSS v3 Score 5.4

References

Products affected by CVE-2023-0280

Topdigitaltrends » Ultimate Carousel For Elementor » Version: N/A

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:-
Topdigitaltrends » Ultimate Carousel For Elementor » Version: 1.0

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:1.0
Topdigitaltrends » Ultimate Carousel For Elementor » Version: 2.0

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:2.0
Topdigitaltrends » Ultimate Carousel For Elementor » Version: 2.1.1

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:2.1.1
Topdigitaltrends » Ultimate Carousel For Elementor » Version: 2.1.2

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:2.1.2
Topdigitaltrends » Ultimate Carousel For Elementor » Version: 2.1.3

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:2.1.3
Topdigitaltrends » Ultimate Carousel For Elementor » Version: 2.1.5

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:2.1.5
Topdigitaltrends » Ultimate Carousel For Elementor » Version: 2.1.7

cpe:2.3:a:topdigitaltrends:ultimate_carousel_for_elementor:2.1.7

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2023-0280

Products

Pricing

Contact Us