Vulnerabilities > 2Joomla

DATE CVE VULNERABILITY TITLE RISK
2023-10-02 CVE-2023-44242 Cross-site Scripting vulnerability in 2Joomla 2J Slideshow
Auth.
network
low complexity
2joomla CWE-79
5.4
2023-06-07 CVE-2020-36729 Missing Authorization vulnerability in 2Joomla 2J Slideshow
The 2J-SlideShow Plugin for WordPress is vulnerable to authorization bypass due to a missing capability check on the 'twoj_slideshow_setup' function called via the wp_ajax_twoj_slideshow_setup AJAX action in versions up to, and including, 1.3.31.
network
low complexity
2joomla CWE-862
4.3
2022-05-20 CVE-2022-29426 Cross-site Scripting vulnerability in 2Joomla 2J Slideshow
Authenticated (contributor or higher user role) Reflected Cross-Site Scripting (XSS) vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin <= 1.3.54 at WordPress.
network
2joomla CWE-79
3.5