cleantalk
Vulnerabilities and Security Researches

Vulnerabilities and security researches for post-category-image-with-grid-and-slider

Jun 06, 2024

Post Category Image With Grid and Slider # CVE-2022-4747

CVE, Research URL

CVE-2022-4747

Date
Feb 07, 2023
Research Description
The Post Category Image With Grid and Slider WordPress plugin before 1.4.8 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used against high privilege users such as admins.
Affected versions
max 1.4.8.
Status
vulnerable

Post Category Image With Grid and Slider # 3492d1f1466a95f4b4876b13cbf07bc5627ceeab

Date
Jan 04, 2023
Research Description
Post Category Image With Grid and Slider [post-category-image-with-grid-and-slider] < 1.4.8. WordPress Post Category Image With Grid and Slider Plugin <= 1.4.7 is vulnerable to Cross Site Scripting (XSS). No patched version available. An unknown person discovered and reported this Cross Site Scripting (XSS) vulnerability in WordPress Post Category Image With Grid and Slider Plugin. This could allow a malicious actor to inject malicious scripts, such as redirects, advertisements, and other HTML payloads, into your website, which will be executed when guests visit your site. This vulnerability is not known to have been fixed yet.
Affected versions
max 1.4.8.
Status
vulnerable