EUVD-2026-24694

The SlideShowPro SC plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slideShowProSC shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2026-5767

The SlideShowPro SC plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slideShowProSC shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

CVE-2026-5767

The CVE-2026-5767 entry concerns the WordPress SlideShowPro SC plugin (vulnerable up to 1.0.2). It enables a Stored Cross-Site Scripting flaw through the slideShowProSC shortcode’s album attribute, allowed for authenticated users with contributor-level access and above. The vulnerability arises f...

CVE-2026-5767 SlideShowPro SC <= 1.0.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'album' Shortcode Attribute

The SlideShowPro SC plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's slideShowProSC shortcode in all versions up to, and including, 1.0.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

PT-2026-34303

Name of the Vulnerable Software and Affected Versions SlideShowPro SC versions prior to 1.0.3 Description The SlideShowPro SC plugin for WordPress contains a Stored Cross-Site Scripting issue. This occurs due to insufficient input sanitization and output escaping on user supplied attributes withi...

WordPress plugin SlideShowPro SC 跨站脚本漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

EUVD-2009-2919

Malware in sbrugna...

CVE-2009-2931

Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter...

Directory traversal

Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter...

CVE-2009-2931

Directory traversal vulnerability in p.php in SlideShowPro Director 1.1 through 1.3.8 allows remote attackers to read arbitrary files via directory traversal sequences in the a parameter...

CVE-2009-2931

CVE-2009-2931 affects SlideShowPro Director versions 1.1 through 1.3.8, via a vulnerability in the script file p.php . The underlying issue is a directory traversal in the a parameter, allowing remote attackers to read arbitrary files on the server. The initial public sources in the connected doc...

[CSS09-01] SlideShowPro Director File Disclosure Vulnerability

CSS09-01: SlideShowPro Director File Disclosure Vulnerability August 5, 2009 SUMMARY SlideShowPro Director is vulnerable to a file disclosure flaw because it fails to perform proper validation and handling of input parameters. Attackers can exploit this vulnerability to read arbitrary files from...