Vulnerabilities > Spicethemes > Carousel Recent Post Slider AND Banner Slider > 0.7
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-10-30 | CVE-2023-5362 | Cross-site Scripting vulnerability in Spicethemes Carousel, Recent Post Slider and Banner Slider The Carousel, Recent Post Slider and Banner Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via 'spice_post_slider' shortcode in versions up to, and including, 2.0 due to insufficient input sanitization and output escaping on user supplied attributes. | 5.4 |