Vulnerabilities and security researches forultimate-multi-design-video-carousel ultimate-multi-design-video-carousel

Oct 11, 2025

CVE, Research URL: CVE-2025-9372
Home page URL: Security reports for Ultimate Multi Design Video Carousel
Application: Ultimate Multi Design Video Carousel
Date: Oct 03, 2025
Research Description: The Ultimate Multi Design Video Carousel plugin for WordPress is vulnerable to Stored Cross-Site Scripting in all versions up to, and including, 1.4 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with editor-level access, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. This only affects multi-site installations and installations where unfiltered_html has been disabled.
Affected versions: max 1.4.
Status: vulnerable

Jun 16, 2026

CVE, Research URL: CVE-2023-53604
Home page URL: Security reports for Ultimate Multi Design Video Carousel
Application: Ultimate Multi Design Video Carousel
Date: Oct 04, 2025
Research Description: In the Linux kernel, the following vulnerability has been resolved: dm integrity: call kmem_cache_destroy() in dm_integrity_init() error path Otherwise the journal_io_cache will leak if dm_register_target() fails.
Affected versions: max 1.4.
Status: vulnerable