CVE-2023-25797

State: PUBLISHED · Published: 2023-05-03 · Updated: 2025-02-19 · Assigner: Patchstack

Description

Auth. Stored Cross-Site Scripting (XSS) vulnerability in Mr.Vibe vSlider Multi Image Slider for WordPress plugin <= 4.1.2 versions.

CWE

CWE-79 — CWE-79 Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

Affected

Mr.Vibe / vSlider Multi Image Slider for WordPress — v=n/a ≤4.1.2 [affected]

CVSS

References

Source

cvelistV5-main/cves/2023/25xxx/CVE-2023-25797.json