Lucene search
+L

115 matches found

VulnCheck KEV
VulnCheck KEV
added 2026/06/05 12:0 a.m.19 views

VulnCheck KEV: CVE-2026-49777

Improper Validation of Specified Quantity in Input vulnerability in ShapedPlugin, LLC Product Slider Pro for WooCommerce allows Malicious Software Implanted. This issue affects Product Slider Pro for WooCommerce: from n/a before 3.5.4...

10CVSS5.4AI score0.01656EPSS
In wildExploits3References3
Positive Technologies
Positive Technologies
added 2026/06/05 12:0 a.m.16 views

PT-2026-46911

Name of the Vulnerable Software and Affected Versions Product Slider Pro for WooCommerce versions prior to 3.5.4 Description Improper validation of input parameters related to specified quantities allows unauthenticated remote attackers to implant malicious software and execute arbitrary commands...

10CVSS6.4AI score0.01656EPSS
Exploits3References9
CNNVD
CNNVD
added 2026/06/05 12:0 a.m.14 views

WordPress plugin Product Slider Pro for WooCommerce 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows users to create personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be installed t...

10CVSS5.4AI score0.01656EPSS
Exploits3References2
Patchstack
Patchstack
added 2026/06/04 9:42 a.m.10 views

WordPress Product Slider Pro for WooCommerce plugin < 3.5.4 - Backdoor vulnerability

Backdoor vulnerability discovered by Shane in WordPress Plugin Product Slider Pro for WooCommerce versions 3.5.4...

10CVSS5.4AI score0.01656EPSS
Exploits3Affected Software1
The Hacker News
The Hacker News
added 2026/04/10 6:28 a.m.7 views

Backdoored Smart Slider 3 Pro Update Distributed via Compromised Nextend Servers

Unknown threat actors have hijacked the update system for the Smart Slider 3 Pro plugin for WordPress and Joomla to push a poisoned version containing a backdoor. The incident impacts Smart Slider 3 Pro version 3.5.1.35 for WordPress, per WordPress security company Patchstack. Smart Slider 3 is a...

6.8AI score
Exploits0
NVD
NVD
added 2026/04/09 11:17 p.m.5 views

CVE-2026-34424

Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote shell execution via...

9.8CVSS0.00551EPSS
Exploits0References5
Vulnrichment
Vulnrichment
added 2026/04/09 10:59 p.m.3 views

CVE-2026-34424 Smart Slider 3 Pro 3.5.1.35 Supply Chain Attack Remote Access Toolkit

Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote shell execution via...

9.8CVSS6.3AI score0.00551EPSS
Exploits0References5
CNNVD
CNNVD
added 2026/04/09 12:0 a.m.8 views

WordPress plugin Smart Slider 3 Pro 安全漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

9.8CVSS6.2AI score0.00551EPSS
Exploits0References5
VulnCheck KEV
VulnCheck KEV
added 2026/04/07 12:0 a.m.191 views

VulnCheck KEV: CVE-2026-34424

Smart Slider 3 Pro version 3.5.1.35 for WordPress and Joomla contains a multi-stage remote access toolkit injected through a compromised update system that allows unauthenticated attackers to execute arbitrary code and commands. Attackers can trigger pre-authentication remote shell execution via...

9.8CVSS6.3AI score0.00551EPSS
In wildExploits0References6
RedhatCVE
RedhatCVE
added 2026/01/23 9:16 p.m.5 views

CVE-2025-49066

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Reflected XSS.This issue affects Accordion Slider PRO: from n/a through = 1.2...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
NVD
NVD
added 2026/01/22 5:15 p.m.4 views

CVE-2025-49066

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Reflected XSS.This issue affects Accordion Slider PRO: from n/a through = 1.2...

7.1CVSS0.0023EPSS
Exploits0References1
CVE
CVE
added 2026/01/22 4:51 p.m.9 views

CVE-2025-49066

CVE-2025-49066 is a Reflected XSS in the WordPress plugin Accordion Slider PRO (accordion_slider_pro) affecting versions up to 1.2. The root cause is improper input neutralization during web page generation. The connected sources confirm the vulnerability and affected range, but none provide a pu...

7.1CVSS5.4AI score0.0023EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/01/22 4:51 p.m.2 views

CVE-2025-49066 WordPress Accordion Slider PRO plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Reflected XSS.This issue affects Accordion Slider PRO: from n/a through = 1.2...

7.1CVSS5.9AI score0.0023EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/01/22 4:51 p.m.27 views

CVE-2025-49066 WordPress Accordion Slider PRO plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in LambertGroup Accordion Slider PRO accordionsliderpro allows Reflected XSS.This issue affects Accordion Slider PRO: from n/a through = 1.2...

7.1CVSS0.0023EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/22 12:0 a.m.12 views

PT-2026-3973

Name of the Vulnerable Software and Affected Versions Accordion Slider PRO versions through 1.2 Description The software contains a flaw related to improper handling of user-supplied data during web page creation, which can lead to Reflected Cross-site Scripting XSS. This means that malicious cod...

5.5AI score0.0023EPSS
Exploits0References3
CNNVD
CNNVD
added 2026/01/22 12:0 a.m.10 views

WordPress plugin accordion_slider_pro has a cross-site scripting vulnerability

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...

7.1CVSS5.7AI score0.0023EPSS
Exploits0References1
Patchstack
Patchstack
added 2026/01/12 12:48 p.m.5 views

WordPress Accordion Slider PRO plugin <= 1.2 - Reflected Cross Site Scripting (XSS) vulnerability

Reflected Cross Site Scripting XSS vulnerability discovered by João Pedro S Alcântara Kinorth in WordPress Plugin Accordion Slider PRO versions = 1.2...

6.1CVSS6.1AI score0.0023EPSS
Exploits0Affected Software1
Patchstack
Patchstack
added 2025/12/14 5:51 a.m.6 views

WordPress Accordion Slider PRO plugin <= 1.2 - SQL Injection vulnerability

SQL Injection vulnerability discovered by Phat RiO - BlueRock in WordPress Plugin Accordion Slider PRO versions = 1.2...

9.8CVSS8.1AI score0.00274EPSS
Exploits0Affected Software1
CNVD
CNVD
added 2025/12/12 12:0 a.m.2 views

WordPress Accordion Slider PRO plugin SQL Injection Vulnerability

WordPress Accordion Slider PRO plugin is a responsive, touch-enabled slider plugin for WordPress that allows users to create professional and elegant slider effects. The WordPress Accordion Slider PRO plugin suffers from an SQL injection vulnerability that stems from the application's lack of...

9.8CVSS8AI score0.00274EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/12/10 3:13 p.m.6 views

CVE-2025-63045

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in averta Master Slider Pro masterslider allows DOM-Based XSS.This issue affects Master Slider Pro: from n/a through = 3.7.12...

6.5CVSS6.4AI score0.00222EPSS
Exploits0References1
Rows per page
Query Builder