Vulnerabilities > Tribulant > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-06-08 | CVE-2024-35718 | Unspecified vulnerability in Tribulant Newsletters Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting') vulnerability in Tribulant Newsletters allows Reflected XSS.This issue affects Newsletters: from n/a through 4.9.5. | 6.1 |
| 2024-04-10 | CVE-2024-31353 | Unspecified vulnerability in Tribulant Slideshow Gallery Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | 5.3 |
| 2021-11-23 | CVE-2021-24882 | Unspecified vulnerability in Tribulant Slideshow Gallery The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 4.8 |
| 2019-08-09 | CVE-2019-14787 | Cross-site Scripting vulnerability in Tribulant Newsletters The Tribulant Newsletters plugin before 4.6.19 for WordPress allows XSS via the wp-admin/admin-ajax.php?action=newsletters_load_new_editor contentarea parameter. | 5.4 |
| 2019-04-15 | CVE-2018-18019 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery 1.6.8 XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter. | 6.1 |
| 2019-04-15 | CVE-2018-18017 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery 1.6.8 XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter. | 6.1 |
| 2018-10-03 | CVE-2018-17946 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter. | 6.1 |