Vulnerabilities > Tribulant > Slideshow Gallery
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-10 | CVE-2024-31353 | Information Exposure Through Log Files vulnerability in Tribulant Slideshow Gallery Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | 5.3 |
| 2023-12-20 | CVE-2023-28491 | SQL Injection vulnerability in Tribulant Slideshow Gallery Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') vulnerability in Tribulant Slideshow Gallery LITE.This issue affects Slideshow Gallery LITE: from n/a through 1.7.6. | 7.2 |
| 2023-11-12 | CVE-2023-28497 | Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery Cross-Site Request Forgery (CSRF) vulnerability in Tribulant Slideshow Gallery LITE plugin <= 1.7.6 versions. | 8.8 |
| 2021-11-23 | CVE-2021-24882 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 3.5 |
| 2019-04-15 | CVE-2018-18019 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery 1.6.8 XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter. | 4.3 |
| 2019-04-15 | CVE-2018-18018 | SQL Injection vulnerability in Tribulant Slideshow Gallery 1.6.8 SQL Injection exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter. | 7.5 |
| 2019-04-15 | CVE-2018-18017 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery 1.6.8 XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter. | 4.3 |
| 2018-10-03 | CVE-2018-17946 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter. | 4.3 |