The Responsive Clients Logo Gallery Plugin for WordPress plugin up to and including 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in a page/post where the shortcode is embed, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks.
| Vulnerable Product | Search on Vulmon | Subscribe to Product |
|---|---|---|
accesspressthemes smart logo showcase lite 1.1.7 |
||
accesspressthemes smart logo showcase lite 1.1.9 |
||
accesspressthemes smart logo showcase lite 1.1.8 |
||
accesspressthemes smart logo showcase lite 1.1.6 |
||
accesspressthemes smart logo showcase lite 1.1.5 |
||
accesspressthemes smart logo showcase lite 1.1.4 |
||
accesspressthemes smart logo showcase lite 1.1.3 |
||
accesspressthemes smart logo showcase lite 1.1.2 |
||
accesspressthemes smart logo showcase lite 1.1.1 |
||
accesspressthemes smart logo showcase lite 1.1.0 |
||
accesspressthemes smart logo showcase lite 1.0.9 |
||
accesspressthemes smart logo showcase lite 1.0.8 |
||
accesspressthemes smart logo showcase lite 1.0.7 |
||
accesspressthemes smart logo showcase lite 1.0.6 |
||
accesspressthemes smart logo showcase lite 1.0.5 |
||
accesspressthemes smart logo showcase lite 1.0.4 |
||
accesspressthemes smart logo showcase lite 1.0.3 |
||
accesspressthemes smart logo showcase lite 1.0.2 |
||
accesspressthemes smart logo showcase lite 1.0.1 |
||
accesspressthemes smart logo showcase lite 1.0.0 |
Vulmon