The Carousel Slider WordPress plugin before 2.2.11 does not sanitise and escape some parameters, which could allow users with a role as low as editor to perform Cross-Site Scripting attacks
This Cyber News was published on www.tenable.com. Publication date: Tue, 21 May 2024 11:11:02 +0000