Skip to main content

Wen Logo Slider

1 CVEs product

Monthly

CVE-2025-62127 MEDIUM This Month

DOM-based cross-site scripting (XSS) in WEN Logo Slider WordPress plugin through version 3.4.0 allows authenticated high-privilege users to inject malicious scripts that execute in the browsers of other site visitors when the UI redirects the page, potentially compromising site integrity and user data. The vulnerability requires high-privilege administrator access and user interaction (page redirect), limiting its practical scope to insider threats or compromised admin accounts.

XSS Wen Logo Slider
NVD
CVSS 3.1
5.9
EPSS
0.0%
EPSS 0% CVSS 5.9
MEDIUM This Month

DOM-based cross-site scripting (XSS) in WEN Logo Slider WordPress plugin through version 3.4.0 allows authenticated high-privilege users to inject malicious scripts that execute in the browsers of other site visitors when the UI redirects the page, potentially compromising site integrity and user data. The vulnerability requires high-privilege administrator access and user interaction (page redirect), limiting its practical scope to insider threats or compromised admin accounts.

XSS Wen Logo Slider
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy