cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-24739,https://securityvulnerability.io/vulnerability/CVE-2021-24739,Logo Carousel < 3.4.2 - Unauthorised Private Post Access,The Logo Carousel WordPress plugin before 3.4.2 allows users with a role as low as Contributor to duplicate and view arbitrary private posts made by other users via the Carousel Duplication feature,Wordpress,"Logo Carousel – Logo Slider, Logo Showcase, And Clients Logo Gallery",8.1,HIGH,0.0008299999753944576,false,,false,false,false,,false,false,2021-12-21T08:45:28.000Z,0
CVE-2021-24738,https://securityvulnerability.io/vulnerability/CVE-2021-24738,Logo Carousel < 3.4.2 - Contributor+ Stored Cross-Site Scripting,"The Logo Carousel WordPress plugin before 3.4.2 does not validate and escape the ""Logo Margin"" carousel option, which could allow users with a role as low as Contributor to perform Stored Cross-Site Scripting attacks",Wordpress,"Logo Carousel – Logo Slider, Logo Showcase, And Clients Logo Gallery",5.4,MEDIUM,0.000539999979082495,false,,false,false,false,,false,false,2021-12-21T08:45:26.000Z,0