WordPress Elementor Addon Elements plugin <= 1.12.12 - Authenticated (Contributor+) Stored Cross-Site Scripting via Thumbnail Slider Widget vulnerability

Authenticated Contributor+ Stored Cross-Site Scripting via Thumbnail Slider Widget vulnerability discovered by wesley wcraft in WordPress Plugin Elementor Addon Elements versions = 1.12.12...

CVE-2022-42485

Auth. contributor+ Cross-Site Scripting XSS vulnerability in Galaxy Weblinks Gallery with thumbnail slider plugin = 6.0 versions...

WordPress Responsive Thumbnail Slider plugin < 1.0.1 - Authenticated (Subscriber+) Arbitrary File Upload vulnerability

Authenticated Subscriber+ Arbitrary File Upload vulnerability discovered by Arash Khazaei in WordPress Plugin Thumbnail carousel slider versions 1.0.1...

WordPress Gallery with thumbnail slider plugin <= 7.8 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Gallery with thumbnail slider versions = 7.8...

WordPress Thumbnail Slider With Lightbox plugin <= 1.0.21 - Authenticated (Contributor+) DOM-Based Stored Cross-Site Scripting vulnerability

Authenticated Contributor+ DOM-Based Stored Cross-Site Scripting vulnerability discovered by Webbernaut in WordPress Plugin Thumbnail Slider With Lightbox versions = 1.0.21...

CVE-2015-10146

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

CVE-2015-10146

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

EUVD-2015-9406

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

CVE-2015-10146 Thumbnail Slider With Lightbox <= 1.0.4 - Authenticated (Admin+) SQL Injection

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

CVE-2015-10146

CVE-2015-10146 affects the WordPress plugin Thumbnail Slider With Lightbox (plugin slug: wp-responsive-slider-with-lightbox). All versions up to and including 1.0.4 are vulnerable to SQL injection via the id parameter due to insufficient escaping and improper query construction. Exploitation requ...

CVE-2015-10146 Thumbnail Slider With Lightbox <= 1.0.4 - Authenticated (Admin+) SQL Injection

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to SQL Injection via the 'id' parameter in all versions up to, and including, 1.0.4 due to insufficient escaping on the user supplied parameter and lack of sufficient preparation on the existing SQL query. This makes it possibl...

WordPress Thumbnail Slider With Lightbox plugin <= 1.0.4 - Authenticated (Admin+) SQL Injection vulnerability

Authenticated Admin+ SQL Injection vulnerability discovered by Ala Arfaoui in WordPress Plugin Thumbnail Slider With Lightbox versions = 1.0.4...

WordPress plugin Thumbnail Slider With Lightbox SQL注入漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin.... A SQL injection...

PT-2025-44270

Name of the Vulnerable Software and Affected Versions Thumbnail Slider With Lightbox versions up to and including 1.0.4 Description The Thumbnail Slider With Lightbox plugin for WordPress is susceptible to SQL Injection through the id parameter. Insufficient escaping of user-supplied input and...

EUVD-2022-45555

Malicious code in bioql PyPI...

CVE-2015-10144

The Responsive Thumbnail Slider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type sanitization in the via the image uploader in versions up to 1.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary...

CVE-2015-10144 Responsive Thumbnail Slider < 1.0.1 - Authenticated (Subscriber+) Arbitrary File Upload

The Responsive Thumbnail Slider plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type sanitization in the via the image uploader in versions up to 1.0.1. This makes it possible for authenticated attackers, with subscriber-level access and above, to upload arbitrary...

PT-2025-51681

Name of the Vulnerable Software and Affected Versions Responsive Thumbnail Slider plugin for WordPress versions prior to 1.0.1 Description The software is susceptible to arbitrary file uploads because of inadequate file type validation within the image uploader. Attackers with subscriber-level...

CVE-2023-5531

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Cross-Site Request Forgery in versions up to, and including, 1.0. This is due to missing or incorrect nonce validation on the delete functionality. This makes it possible for unauthenticated attackers to delete image...

CVE-2023-5621

The Thumbnail Slider With Lightbox plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the Image Title field in versions up to, and including, 1.0 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with...