CVE-2023-24418: WordPress Tiny carousel horizontal slider plus Plugin <= 3.2 is vulnerable to Cross Site Scripting (XSS)
First published: Wed May 10 2023(Updated: )
Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin <= 3.2 versions.
Credit: audit@patchstack.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Gopiplus Tiny Carousel Horizontal Slider Plus | <=3.2 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Frequently Asked Questions
What is the vulnerability ID for this vulnerability?
The vulnerability ID is CVE-2023-24418.
What is the title of this vulnerability?
The title of this vulnerability is Auth. (admin+) Stored Cross-Site Scripting (XSS) vulnerability in Gopi Ramasamy Tiny carousel horizontal slider plus plugin <= 3.2 versions.
What is the affected software?
The affected software is Gopiplus Tiny Carousel Horizontal Slider Plus plugin up to version 3.2.
What is the severity of this vulnerability?
The severity of this vulnerability is medium with a CVSS score of 4.8.
How can I fix this vulnerability?
To fix this vulnerability, it is recommended to update Gopiplus Tiny Carousel Horizontal Slider Plus plugin to a version higher than 3.2.
- collector/nvd-index
- agent/type
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/severity
- agent/title
- agent/references
- agent/author
- agent/weakness
- agent/first-publish-date
- agent/event
- agent/description
- agent/tags
- agent/source
- vendor/gopiplus
- canonical/gopiplus tiny carousel horizontal slider plus
- version/gopiplus tiny carousel horizontal slider plus/3.2