Vulnerabilities > Tribulant > Slideshow Gallery > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-10 | CVE-2024-31353 | Unspecified vulnerability in Tribulant Slideshow Gallery Insertion of Sensitive Information into Log File vulnerability in Tribulant Slideshow Gallery.This issue affects Slideshow Gallery: from n/a through 1.7.8. | 5.3 |
| 2021-11-23 | CVE-2021-24882 | Unspecified vulnerability in Tribulant Slideshow Gallery The Slideshow Gallery WordPress plugin before 1.7.4 does not sanitise and escape the Slide "Title", "Description", and Gallery "Title" fields, which could allow high privilege users to perform Cross-Site Scripting attacks even when the unfiltered_html is disallowed | 4.8 |
| 2019-04-15 | CVE-2018-18019 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery 1.6.8 XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-slides&method=save Slide[title], Slide[media_file], or Slide[image_url] parameter. | 6.1 |
| 2019-04-15 | CVE-2018-18017 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery 1.6.8 XSS exists in the Tribulant Slideshow Gallery plugin 1.6.8 for WordPress via the wp-admin/admin.php?page=slideshow-galleries&method=save Gallery[id] or Gallery[title] parameter. | 6.1 |
| 2018-10-03 | CVE-2018-17946 | Cross-site Scripting vulnerability in Tribulant Slideshow Gallery The Tribulant Slideshow Gallery plugin before 1.6.6.1 for WordPress has XSS via the id, method, Gallerymessage, Galleryerror, or Galleryupdated parameter. | 6.1 |