Vulnerabilities > Eralion
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-27 | CVE-2023-5774 | Unspecified vulnerability in Eralion Animated Counters The Animated Counters plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's shortcode(s) in all versions up to, and including, 1.7 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |
| 2023-10-27 | CVE-2023-5817 | Cross-site Scripting vulnerability in Eralion Neon Text The Neon text plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's neontext_box shortcode in all versions up to, and including, 1.1 due to insufficient input sanitization and output escaping on user supplied attributes (color). | 5.4 |