The Logo Showcase with Slick Slider WordPress plugin prior to 1.2.4 does not sanitise the Grid Settings, which could allow users with a role as low as Author to perform stored Cross-Site Scripting attacks via post metadata of Grid logo showcase.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
infornweb logo showcase with slick slider |