I13websolution: Security Vulnerabilities
Unauth. Reflected Cross-Site Scripting (XSS) vulnerability in I Thirteen Web Solution Continuous Image Carousel With Lightbox plugin <= 1.0.15 versions.
CVSS Score
7.1
EPSS Score
0.001
Published
2023-04-07
The Team Circle Image Slider With Lightbox WordPress plugin before 1.0.16 does not sanitize and escape the order_pos parameter before outputting it back in an admin page, leading to a Reflected Cross-Site Scripting.
CVSS Score
6.1
EPSS Score
0.002
Published
2022-03-14
Page 5