20 matches found
CVE-2025-12713
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
EUVD-2025-199784
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-12713
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-12713 Soundslides <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundslides Shortcode
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
CVE-2025-12713
CVE-2025-12713 affects the WordPress plugin Soundslides, vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to and including 1.4.2. The issue stems from insufficient input sanitization and output escaping on user-supplied attributes, enabling authenticated ...
CVE-2025-12713 Soundslides <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundslides Shortcode
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
WordPress plugin Soundslides 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site scripting...
PT-2025-48222
The Soundslides plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the soundslides shortcode in all versions up to, and including, 1.4.2 due to insufficient input sanitization and output escaping on user supplied attributes. This makes it possible for authenticated attackers,...
WordPress Soundslides plugin <= 1.4.2 - Authenticated (Contributor+) Stored Cross-Site Scripting via soundslides Shortcode vulnerability
Authenticated Contributor+ Stored Cross-Site Scripting via soundslides Shortcode vulnerability discovered by Muhammad Yudha - DJ in WordPress Plugin Soundslides versions = 1.4.2...
EUVD-2025-8673
Malicious code in bioql PyPI...
CVE-2025-2249
The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sojsoundslidesoptionssubpanel function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and...
WordPress SoJ SoundSlides 1.2.2 Shell Upload
WordPress SoJ SoundSlides plugin versions 1.2.2 and below suffer from a remote shell upload vulnerability...
CVE-2025-2249
The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sojsoundslidesoptionssubpanel function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-2249 SoJ Soundslides <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload
The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sojsoundslidesoptionssubpanel function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and...
CVE-2025-2249
The SoJ SoundSlides WordPress plugin (versions
CVE-2025-2249 SoJ Soundslides <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload
The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the sojsoundslidesoptionssubpanel function in all versions up to, and including, 1.2.2. This makes it possible for authenticated attackers, with Contributor-level access and...
WordPress plugin SoJ SoundSlides 代码问题漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A code issue vulnerability...
Exploit for CVE-2025-2249
🔐 WordPress SoJ SoundSlides Plugin ⚠️ DISCLAIMER: This ex...
WordPress SoJ Soundslides plugin <= 1.2.2 - Authenticated (Contributor+) Arbitrary File Upload vulnerability
Authenticated Contributor+ Arbitrary File Upload vulnerability discovered by Hoang Phuc Vo HrxKnight in WordPress Plugin SoJ SoundSlides versions = 1.2.2...
PT-2025-13598 · WordPress · Soj Soundslides
Name of the Vulnerable Software and Affected Versions: SoJ SoundSlides plugin for WordPress version 1.2.2 and earlier Description: The SoJ SoundSlides plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the soj soundslides options subpanel function...