Vulnerabilities (CVE)

Filtered by vendor Cm-wp Subscribe
Filtered by product Social Slider Widget
Total 1 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-24196 1 Cm-wp 1 Social Slider Widget 2024-02-28 3.5 LOW 5.4 MEDIUM
The Social Slider Widget WordPress plugin before 1.8.5 allowed Authenticated Reflected XSS in the plugin settings page as the ‘token_error’ parameter can be controlled by users and it is directly echoed without being sanitized