MidnightBSD

Advisories for snilesh

CVE-2013-2708 MEDIUM

Cross-site request forgery (CSRF) vulnerability in the Content Slide plugin 1.4.2 for WordPress allows remote attackers to hijack the authentication of administrators for requests that change plugin settings via unspecified vectors.

CVSS 2.0

Severity: MEDIUM

Problem Type: CWE-352,

Products Affected

Vendor Product Version
snilesh content_slide 1.4.2
CVE-2024-51596

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') vulnerability in Nilesh Shiragave Business business allows Stored XSS.This issue affects Business: from n/a through <= 1.3.

CVSS 3.x

Source Score Severity Vector Exploitability Impact
audit@patchstack.com 6.5 MEDIUM CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L 2.3 3.7

Products Affected

Vendor Product Version
snilesh business *