CVE-2024-4581 Slider Revolution <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes

🗓️ 04 Jun 2024 08:31:21Reported by WordfenceType

Slider Revolution plugin Authenticated Stored Cross-Site Scripting vulnerability

Reporter	Title	Published	Views	Family All 9
CVE	CVE-2024-4581	4 Jun 202408:31	–	cve
EUVD	EUVD-2024-44192	3 Oct 202520:07	–	euvd
NVD	CVE-2024-4581	4 Jun 202409:15	–	nvd
OSV	CVE-2024-4581	4 Jun 202409:15	–	osv
Patchstack	WordPress Slider Revolution plugin <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes vulnerability	2 Feb 202612:21	–	patchstack
RedhatCVE	CVE-2024-4581	23 May 202507:37	–	redhatcve
Vulnrichment	CVE-2024-4581 Slider Revolution <= 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes	4 Jun 202408:31	–	vulnrichment
Wordfence Blog	Wordfence Intelligence Weekly WordPress Vulnerability Report (June 3, 2024 to June 9, 2024)	13 Jun 202415:35	–	wordfence
WPVulnDB	Slider Revolution < 6.7.11 - Authenticated (Author+) Stored Cross-Site Scripting via Add Layer class, id, and title Attributes	3 Jun 202400:00	–	wpvulndb

[
  {
    "vendor": "Revolution Slider",
    "product": "Slider Revolution",
    "versions": [
      {
        "version": "0",
        "status": "affected",
        "lessThanOrEqual": "6.7.10",
        "versionType": "semver"
      }
    ],
    "defaultStatus": "unaffected"
  }
]

Source	Link
sliderrevolution	www.sliderrevolution.com/documentation/changelog/
wordfence	www.wordfence.com/threat-intel/vulnerabilities/id/a99b8eb9-1511-4ec0-98f4-c0e0c989fa28

08 Apr 2026 17:14Current

5.7Medium risk

Vulners AI Score5.7

CVSS 3.16.4

EPSS0.00279

CWE-79