4 matches found
CVE-2025-5291
creationtimestamp| type| source ---|---|--- 2025-06-17 11:38:25+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/18577 2025-06-17 16:01:25+00:00| seen| https://bsky.app/profile/cve.skyfleet.blue/post/3lrsujxd36h2a...
CVE-2025-5291
CVE-2025-5291 concerns the WordPress plugin Master Slider – Responsive Touch Slider. The vulnerability is a Stored Cross-Site Scripting (XSS) in versions up to 3.10.8, triggered via user-supplied attributes in the masterslider_pb and ms_slide shortcodes. Exploitation requires authenticated access...
CVE-2025-5291 Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...
CVE-2025-5291 Master Slider <= 3.10.8 - Authenticated (Contributor+) Stored Cross-Site Scripting via masterslider_pb and ms_slide Shortcodes
The Master Slider – Responsive Touch Slider plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the plugin's mastersliderpb and msslide shortcodes in all versions up to, and including, 3.10.8 due to insufficient input sanitization and output escaping on user supplied attributes...