网安资讯详情 - SecLens 情报雷达

网安资讯,一网打尽。汇集权威漏洞通告与行业要闻,结合分组浏览、智能过滤、RSS订阅 和 Webhook 推送,多通道拓展您的安全情报视野。

CVE-2025-68074 | GhozyLab Image Carousel Plugin up to 1.0.0.41 on WordPress cross site scripting

来源: vuldb · 发布时间 2026-06-27 00:34 (UTC+08:00) · 抓取时间 2026-06-27 01:01 (UTC+08:00)

原文链接

摘要

A vulnerability marked as <a href="https://vuldb.com/kb/risk">problematic</a> has been reported in <a href="https://vuldb.com/product/ghozylab:image_carousel_plugin">GhozyLab Image Carousel Plugin up to 1.0.0.41</a> on WordPress. This affects an unknown part. The manipulation leads to cross site scripting. This vulnerability is traded as <a href="https://vuldb.com/cve/CVE-2025-68074">CVE-2025-68074</a>. It is possible to initiate the attack remotely. There is no exploit available.

标签

扩展字段

{
  "raw_pub_date": "Fri, 26 Jun 2026 18:34:04 +0200"
}