CVE-2026-48968 WordPress Master Slider plugin <= 3.10.8 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Averta Master Slider allows DOM-Based XSS. This issue affects Master Slider: from n/a through 3.10.8...

EUVD-2021-34784

Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScript payloads in the title field when creating or editing sliders, which executes in the browsers of...

CVE-2021-47922

Slider by Soliloquy 2.6.2 contains a stored cross-site scripting vulnerability that allows authenticated attackers to inject malicious scripts through the title parameter. Attackers can add JavaScript payloads in the title field when creating or editing sliders, which executes in the browsers of...

WordPress plugin Accordion and Accordion Slider 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application extension. The...

WordPress Prime Slider plugin <= 4.1.10 - Authenticated (Contributor+) Stored Cross-Site Scripting via 'follow_us_text' Parameter vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via 'followustext' Parameter vulnerability discovered by WordFence in WordPress Plugin Prime Slider – Addons For Elementor versions = 4.1.10...

CVE-2026-0609

The Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt text in all versions up to, and including, 4.9.0 due to insufficient input sanitization and output escaping in the 'logo-slider' shortcode...

CVE-2026-32491

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in jgwhite33 WP Review Slider wp-facebook-reviews allows Stored XSS.This issue affects WP Review Slider: from n/a through = 13.9...

CVE-2026-0609

The Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin for WordPress is affected by a Stored Cross-Site Scripting vulnerability in all versions up to and including 4.9.0, caused by insufficient input sanitization and output escaping in the 'logo-slider' shortcode. Exploitation...

CVE-2026-0609

The Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt text in all versions up to, and including, 4.9.0 due to insufficient input sanitization and output escaping in the 'logo-slider' shortcode...

PT-2026-26799

The Logo Slider – Logo Carousel, Logo Showcase & Client Logo Slider Plugin plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the image alt text in all versions up to, and including, 4.9.0 due to insufficient input sanitization and output escaping in the 'logo-slider' shortcode...

CVE-2026-25399

CVE-2026-25399 concerns the WordPress plugin CryoutSerious-Slider (Serious Slider) versions up to and including 1.2.7, reporting a Missing Authorization vulnerability. The Red Hat, NVD, and CVE records describe a Broken Access Control issue (access control security level misconfiguration) that co...

CVE-2026-1634

The Subitem AL Slider plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the $SERVER'PHPSELF' parameter in all versions up to, and including, 1.0.0 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject...

CVE-2026-24626

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LogicHunt Logo Slider logo-slider-wp allows Stored XSS.This issue affects Logo Slider: from n/a through = 5.1.1...

CVE-2026-24626 WordPress Logo Slider plugin <= 5.1.1 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LogicHunt Logo Slider logo-slider-wp allows Stored XSS.This issue affects Logo Slider: from n/a through = 5.1.1...

PT-2026-4457

Name of the Vulnerable Software and Affected Versions LogicHunt Logo Slider versions through 4.9.0 Description The software contains a flaw related to improper input handling during web page creation, specifically a Stored Cross-site Scripting issue. This allows for the injection of malicious...

CVE-2026-24383

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins B Slider b-slider allows DOM-Based XSS.This issue affects B Slider: from n/a through = 2.0.6...

CVE-2026-24383 WordPress B Slider plugin <= 2.0.6 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in bPlugins B Slider b-slider allows DOM-Based XSS.This issue affects B Slider: from n/a through = 2.0.6...

WordPress Logo Slider plugin <= 4.9.0 - Cross Site Scripting (XSS) vulnerability

Cross Site Scripting XSS vulnerability discovered by Jitlada in WordPress Plugin Logo Slider versions = 4.9.0...

CVE-2022-42485

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Galaxy Weblinks Gallery with thumbnail slider plugin = 6.0 versions...

WordPress Magic Slider plugin <= 2.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Magic Slider versions = 2.2...