Skip to main content

Comparison Slider

3 CVEs product

Monthly

CVE-2024-4427 MEDIUM This Month

The Comparison Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 1.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Comparison Slider
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-4426 MEDIUM This Month

The Comparison Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Comparison Slider
NVD
CVSS 3.1
4.3
EPSS
0.2%
CVE-2024-4422 MEDIUM This Month

The Comparison Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slider title parameter in all versions up to, and including, 1.0.5 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass XSS Comparison Slider
NVD
CVSS 3.1
6.4
EPSS
0.2%
EPSS 0% CVSS 4.3
MEDIUM This Month

The Comparison Slider plugin for WordPress is vulnerable to unauthorized modification of data due to a missing capability check on several AJAX actions in all versions up to, and including, 1.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass Comparison Slider
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

The Comparison Slider plugin for WordPress is vulnerable to Cross-Site Request Forgery in all versions up to, and including, 1.0.5. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

WordPress CSRF Comparison Slider
NVD
EPSS 0% CVSS 6.4
MEDIUM This Month

The Comparison Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the slider title parameter in all versions up to, and including, 1.0.5 due to insufficient input. Rated medium severity (CVSS 6.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

WordPress Authentication Bypass XSS +1
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy