CVE-2024-11731

The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's msslider shortcode in all versions up to, and including, 3.10.6 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it...

WordPress Master Slider plugin <= 3.10.7 - Authenticated (Contributor+) Stored Cross-Site Scripting via ms_slider Shortcode vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via msslider Shortcode vulnerability discovered by Peter Thaleikis in WordPress Plugin Master Slider versions = 3.10.7...

CVE-2025-22555

Cross-Site Request Forgery CSRF vulnerability in njshofe Smoothness Slider Shortcode smoothness-slider-shortcode allows Cross Site Request Forgery.This issue affects Smoothness Slider Shortcode: from n/a through = v1.2.2...

PT-2025-2200 · WordPress · B Slider- Gutenberg Slider Block

Name of the Vulnerable Software and Affected Versions: The B Slider- Gutenberg Slider Block for WP plugin for WordPress versions up to, and including, 1.9.5 Description: The issue allows authenticated attackers with Contributor-level access and above to extract data from private posts they should...

CVE-2025-22555 WordPress Smoothness Slider Shortcode plugin <= v1.2.2 - CSRF to Stored XSS vulnerability

Cross-Site Request Forgery CSRF vulnerability in Noel Jarencio. Smoothness Slider Shortcode allows Cross Site Request Forgery.This issue affects Smoothness Slider Shortcode: from n/a through v1.2.2...

CVE-2025-22555

CVE-2025-22555 is a Cross-Site Request Forgery (CSRF) vulnerability in the WordPress plugin Smoothness Slider Shortcode, affecting versions up to v1.2.2. The description notes CSRF can lead to stored Cross-Site Scripting (XSS); CVSS vector: AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:L, base score 7.1 (HIG...

WordPress Smoothness Slider Shortcode plugin <= v1.2.2 - CSRF to Stored XSS vulnerability

CSRF to Stored XSS vulnerability discovered by SOPROBRO Patchstack Alliance in WordPress Plugin Smoothness Slider Shortcode versions = v1.2.2...

WordPress plugin Smoothness Slider Shortcode 跨站请求伪造漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on servers running PHP and MySQL.WordPress plugin is an application plugin. A cross-site request forgery...

PT-2025-4546 · Unknown · Smoothness Slider Shortcode

Name of the Vulnerable Software and Affected Versions: Smoothness Slider Shortcode versions n/a through v1.2.2 Description: The issue is a Cross-Site Request Forgery CSRF vulnerability, which allows Cross Site Request Forgery. This means an attacker can trick a user into performing unintended...

WordPress plugin Testimonial Slider Shortcode 跨站脚本漏洞

WordPress and the WordPress plugin are both products of the WordPress Foundation. WordPress is a blogging platform developed in the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. A cross-site scripting vulnerability exis...

CVE-2023-5707

The SEO Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's 'slider' shortcode and post meta in all versions up to, and including, 1.1.0 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for...

WordPress Plugin SEO Slider Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports personal blog sites on PHP and MySQL servers.WordPress plugin is an application plugin. WordPress Plugin SEO Slider 1.1.0 and...

CVE-2023-4795 Testimonial Slider Shortcode < 1.1.9 - Contributor+ Stored XSS

The Testimonial Slider Shortcode WordPress plugin before 1.1.9 does not validate and escape some of its shortcode attributes before outputting them back in the page, which could allow users with a role as low as contributor to perform Stored Cross-Site Scripting attacks which could be used agains...

WordPress plugin Testimonial Slider Shortcode Cross-Site Scripting Vulnerability

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. WordPress plugin is an application plugin that supports personal blog sites on PHP and MySQL servers. A cross-site scripting vulnerability exists in the...