6.1
CVSSv3

CVE-2024-13331

CVSSv4: NA | CVSSv3: 6.1 | CVSSv2: NA | VMScore: 710 | EPSS: 0.00043 | KEV: Not Included
Published: 04/02/2025 Updated: 04/02/2025

Vulnerability Summary

Reflected XSS Vulnerability in WP Dream Carousel WordPress Plugin through 1.0.1b

The WP Dream Carousel WordPress plugin up to and including 1.0.1b does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin

Vulnerable Product Search on Vulmon Subscribe to Product

unknown wp dream carousel