Vulnerability Database

309,364

Total vulnerabilities in the database

CVE-2024-5429

The Logo Slider WordPress plugin before 4.1.0 does not validate and escape some of its Slider Settings before outputting them back in attributes, which could allow users with the contributor role and above to perform Stored Cross-Site Scripting attacks

Published: Oct 17, 2024
Updated: Nov 16, 2025
CVE: CVE-2024-5429
Severity: High
Exploit:

CVSS v3:

Severity: High
Score: 7.6
AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

CWEs:

CWE-79

OWASP TOP 10:

A7 - Cross-Site Scripting (XSS)

Affected Software
References

Software	From	Fixed in
logichunt / logo_slider	-	4.1.0

https://wpscan.com/vulnerability/ddb76c88-aeca-42df-830e-abffd29f1141/

Deep Security Visibility Without the Complexity

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.

No setup fees
5-min deployment
Cancel anytime

Book a Demo