Smart Slider 3, CVE-2023-0660

CVE, Research URL: CVE-2023-0660
Home page URL: Security reports for Smart Slider 3
Application: Smart Slider 3
Published on: Mar 27, 2023
Research Description: The Smart Slider 3 WordPress plugin before 3.5.1.14 does not properly validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks
Affected versions: Min -, max 3.5.1.14.
Status: vulnerable