Slideshow <= 2.3.1 - Admin+ Stored Cross-Site Scripting

The plugin does not sanitize and escape some of its default slideshow settings, which could allow high-privileged users such as admin to perform Cross-Site Scripting attacks even when the unfilteredhtml capability is disallowed As admin, put the following payload in the "Number of seconds the sli...

CVE-2022-29426

Authenticated contributor or higher user role Reflected Cross-Site Scripting XSS vulnerability in 2J Slideshow Team's Slideshow, Image Slider by 2J plugin = 1.3.54 at WordPress...

CVE-2017-1002012

Vulnerability in wordpress plugin image-gallery-with-slideshow v1.5.2, In image-gallery-with-slideshow/adminsetting.php the following snippet of code does not sanitize input via the gid variable before passing it into an SQL statement...

WordPress Plugin Slideshow 'SlideshowPluginSlideshowStyleshe' Information Disclosure Vulnerability

WordPress is the WordPress Software Foundation of a set of blogging platform developed using the PHP language , the platform supports PHP and MySQL server set up a personal blog site . Slideshow is one of the plugin to add slideshow . A security vulnerability exists in the...

Input validation

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values...

CVE-2015-3634

The SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX function in the Slideshow plugin 2.2.8 through 2.2.21 for Wordpress allows remote attackers to read arbitrary Wordpress option values...

Wordpress CP Image Store with Slideshow Plugin 1.0.5 Arbitrary File Download Vulnerability

Exploit for php platform in category web applications Exploit Title: WordPress CP Image Store with Slideshow 1.0.5 Arbitrary file download vulnerability Date: 2015-07-10 Google Dork: Exploit Author: Joaquin Ramirez Martinez i0akiN SEC-LABORATORY Vendor Homepage: http://wordpress.dwbooster.com/...

Slideshow - Multiple Script Insertion Vulnerabilities

The Slideshow WordPress plugin was affected by a Multiple Script Insertion Vulnerabilities security vulnerability...

wp-homepage-slideshow - Arbitrary File Upload

The wp-homepage-slideshow WordPress plugin was affected by an Arbitrary File Upload security vulnerability...

WordPress Slideshow Plugin <= 2.1.12 Multiple Vulnerabilities - Active Check

WordPress Slideshow Plugin is prone to multiple cross-site scripting XSS and full path disclosure vulnerabilities. SPDX-FileCopyrightText: 2012 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders...

WordPress Slideshow Plugin - Multiple Cross Site Scripting Vulnerabilities

WordPress Slideshow plugin is prone to multiple cross-site scripting vulnerabilities. These vulnerabilities allow an attacker to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. In that way, an attacker can steal cookie-based authentication...

WordPress Plugin SH Slideshow 3.1.4 - SQL Injection

Exploit Title: WordPress SH Slideshow plugin 1,BENCHMARK5000000,MD5CHAR115,113,108,109,97,112,0--%20 --------------- Vulnerable code --------------- $result = $wpdb-query'delete from shslides where id = '.$POST'id';...