Lucene search
K

252 matches found

EUVD
EUVD
added 3 hours ago3 views

EUVD-2025-210458

The Ultimate Before After Image Slider & Gallery WordPress plugin before 4.7.1 does not escape the value of the BEAF Slider widget's shortcode field before outputting it on the front end the value is passed through doshortcode, which echoes non-shortcode content verbatim, allowing users with...

6.1AI score
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/06/05 7:35 p.m.10 views

CVE-2026-5428

The Royal Elementor Addons plugin for WordPress is vulnerable to Stored Cross-Site Scripting via image captions in the Image Grid/Slider/Carousel widget in versions up to and including 1.7.1056. This is due to insufficient output escaping in the renderpostthumbnail function, where wpksespost is...

6.4CVSS5.7AI score0.00264EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/21 12:0 a.m.9 views

WordPress plugin Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. Issues...

7.2CVSS5.9AI score0.00425EPSS
Exploits0References2
RedhatCVE
RedhatCVE
added 2026/03/26 5:2 p.m.6 views

CVE-2026-32494

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/03/26 3:17 p.m.5 views

CVE-2026-32402

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
EUVD
EUVD
added 2026/03/25 6:31 p.m.6 views

EUVD-2026-15837

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References2
NVD
NVD
added 2026/03/25 5:17 p.m.3 views

CVE-2026-32494

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

7.1CVSS0.00175EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/03/25 4:14 p.m.2 views

CVE-2026-32494 WordPress Image Slider by Ays plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.8AI score0.00175EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 4:14 p.m.10 views

CVE-2026-32494

CVE-2026-32494 corresponds to an unauthenticated Stored Cross-Site Scripting vulnerability in the WordPress plugin Image Slider by Ays (ays-slider) , affecting versions up to 2.7.1. The Wordfence entry (and CVE record) indicate the issue is in the Ays Slider/Pro Image Slider, tied to improper inp...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/25 4:14 p.m.25 views

CVE-2026-32494 WordPress Image Slider by Ays plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

7.1CVSS0.00175EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/25 4:14 p.m.2 views

CVE-2026-32494

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.8AI score0.00175EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/25 12:0 a.m.9 views

WordPress plugin Image Slider by Ays 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.8AI score0.00175EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/03/25 12:0 a.m.5 views

PT-2026-28008

Name of the Vulnerable Software and Affected Versions Ays Pro Image Slider versions n/a through 2.7.1 Description An issue exists in Ays Pro Image Slider that allows for improper neutralization of input during web page generation, potentially leading to cross-site scripting. This occurs due to...

7.1CVSS5.3AI score0.00175EPSS
Exploits0References3
Patchstack
Patchstack
added 2026/03/20 8:59 p.m.5 views

WordPress Image Slider by Ays plugin <= 2.7.1 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by w41bu1 in WordPress Plugin Image Slider by Ays versions = 2.7.1...

7.1CVSS5.8AI score0.00175EPSS
Exploits0Affected Software1
EUVD
EUVD
added 2026/03/13 9:31 p.m.3 views

EUVD-2026-11919

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References2
NVD
NVD
added 2026/03/13 7:54 p.m.4 views

CVE-2026-32402

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.3CVSS0.00224EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/03/13 11:42 a.m.4 views

CVE-2026-32402

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.8AI score0.00224EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/03/13 11:42 a.m.2 views

CVE-2026-32402 WordPress Image Slider by Ays plugin <= 2.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/03/13 11:42 a.m.28 views

CVE-2026-32402 WordPress Image Slider by Ays plugin <= 2.7.1 - Broken Access Control vulnerability

Missing Authorization vulnerability in Ays Pro Image Slider by Ays ays-slider allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Image Slider by Ays: from n/a through = 2.7.1...

5.3CVSS0.00224EPSS
Exploits0References1
CVE
CVE
added 2026/03/13 11:42 a.m.9 views

CVE-2026-32402

CVE-2026-32402 concerns the WordPress Image Slider by Ays plugin (Ays Slider)

5.3CVSS5.8AI score0.00224EPSS
Exploits0References1
Rows per page
Query Builder