CVE-2015-3634
CVE-2015-3634 affects the WordPress Slideshow plugin (versions 2.2.8–2.2.21). The vulnerability arises in SlideshowPluginSlideshowStylesheet::loadStylesheetByAJAX, an AJAX action that can be invoked by unauthenticated users, allowing remote readers to disclose arbitrary WordPress option values. C...