94 matches found
CVE-2025-1203 Slider, Gallery, Carousel by MetaSlider < 3.95.0 - Editor+ Stored XSS
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...
CVE-2025-1203 Slider, Gallery, Carousel by MetaSlider < 3.95.0 - Editor+ Stored XSS
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as editor to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example ...
CVE-2025-1203
CVE-2025-1203 – MetaSlider Slider, Gallery, and Carousel (WordPress) ≤ 3.94.0 Issue: The Slider, Gallery, and Carousel by MetaSlider plugin does not sufficiently sanitize/escape certain settings, enabling Stored XSS by high-privilege users (e.g., editors) even when unfiltered_html is disallowed (...
CVE-2025-1062
CVE-2025-1062 affects the WordPress plugin “Slider, Gallery, and Carousel by MetaSlider” pre-3.95.0. The exposure comes from unsanitized/uncleaned and unescaped settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, such as in multisite setup...
CVE-2025-1062 Slider, Gallery, Carousel by MetaSlider < 3.95.0 - Editor+ Stored XSS
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example i...
CVE-2025-1062 Slider, Gallery, Carousel by MetaSlider < 3.95.0 - Editor+ Stored XSS
The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.95.0 does not sanitise and escape some of its settings, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed for example i...
WordPress plugin Slider, Gallery, and Carousel by MetaSlider 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...
WordPress plugin Slider, Gallery, and Carousel by MetaSlider 安全漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on servers running PHP and MySQL. WordPress plugin is an application plugin. A security vulnerability exists in th...
PT-2025-12560 · WordPress · Metaslider
Name of the Vulnerable Software and Affected Versions: The Slider, Gallery, and Carousel by MetaSlider WordPress plugin versions prior to 3.95.0 Description: The issue allows high privilege users, such as editors, to perform Stored Cross-Site Scripting attacks, even when the unfiltered html...
CVE-2025-26763
Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.94.0...
CVE-2025-26763
Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.94.0...
CVE-2025-26763 WordPress Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider Plugin <= 3.94.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.94.0...
CVE-2025-26763 WordPress Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider Plugin <= 3.94.0 - PHP Object Injection vulnerability
Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.94.0...
CVE-2025-26763
CVE-2025-26763 – A deserialization of untrusted data vulnerability in the WordPress plugin MetaSlider Responsive Slider (
WordPress plugin Responsive Slider by MetaSlider 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability exists i...
PT-2025-7611 · Unknown · Metaslider Responsive Slider
Name of the Vulnerable Software and Affected Versions: MetaSlider Responsive Slider versions up to 3.94.0 Description: The issue is related to the deserialization of untrusted data, which allows Object Injection. This poses a significant cyber threat. Recommendations: For versions up to 3.94.0,...
WordPress Slider, Gallery, and Carousel by MetaSlider – Image Slider, Video Slider Plugin <= 3.94.0 - PHP Object Injection vulnerability
PHP Object Injection vulnerability discovered by Le Ngoc Anh Patchstack Alliance in WordPress Plugin Responsive Slider by MetaSlider versions = 3.94.0...
CVE-2025-24533
Cross-Site Request Forgery CSRF vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Cross Site Request Forgery.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.92.0...
CVE-2025-24533
CVE-2025-24533 : WordPress MetaSlider plugin (Responsive Slider) contains a Cross-Site Request Forgery (CSRF) vulnerability affecting versions prior to 3.92.0. The issue, observed in MetaSlider Responsive Slider by MetaSlider, enables CSRF as described in vendor/curation sources. Mitigation is to...
CVE-2025-24533 WordPress MetaSlider plugin <= 3.92.0 - Cross Site Request Forgery (CSRF) vulnerability
Cross-Site Request Forgery CSRF vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Cross Site Request Forgery.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.92.0...