Vulnerabilities (CVE)

Filtered by vendor Scroll Banner Project Subscribe
Filtered by product Scroll Banner
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24642 1 Scroll Banner Project 1 Scroll Banner 2024-11-21 4.3 MEDIUM 6.5 MEDIUM
The Scroll Baner WordPress plugin through 1.0 does not have CSRF check in place when saving its settings, nor perform any sanitisation, escaping or validation on them. This could allow attackers to make logged in admin change them and could lead to RCE (via a file upload) as well as XSS