cleantalk
Vulnerabilities and Security Researches

jCarousel for WordPress, CVE-2024-54437

CVE, Research URL

CVE-2024-54437

Home page URL

Security reports for jCarousel for WordPress

Application

jCarousel for WordPress

Published on
Dec 16, 2024
Research Description
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Merrill M. Mayer jCarousel allows Stored XSS.This issue affects jCarousel: from n/a through 1.0.
Affected versions
Min -, max 1.0.
Status
vulnerable
Previous vulnerability researches
WP Dream Carousel (CVE-2024-13331) , Feb 06, 2025
jCarousel for WordPress (CVE-2024-54437) , Dec 19, 2024
WE – Client Logo Carousel (CVE-2024-51821) , Nov 12, 2024
Multiple Carousel (CVE-2025-22553) , Jan 23, 2025
Carousel-of-post-images (CVE-2025-46536) , Apr 26, 2025
New vulnerability
PDF Embedder , Sep 11, 2025
Pixeline's Email Protector (CVE-2025-58982) , Sep 11, 2025
Include Me (CVE-2025-58983) , Sep 11, 2025
PagSeguro / PagBank Connect (CVE-2025-10142) , Sep 11, 2025
Duplicate Page and Post (CVE-2025-6189) , Sep 11, 2025