Lucene search
K

4 matches found

CVE
CVE
added 2025/06/14 9:23 a.m.48 views

CVE-2025-5337

The CVE-2025-5337 entry affects the WordPress plugin Slider, Gallery, and Carousel by MetaSlider. It describes a Stored DOM-based Cross-Site Scripting vulnerability via the aria-label parameter in all versions up to 3.98.0, caused by insufficient input sanitization and output escaping. Exploitati...

6.4CVSS5.7AI score0.00209EPSS
Exploits0References4Affected Software1
RedhatCVE
RedhatCVE
added 2025/05/22 10:40 p.m.6 views

CVE-2022-2823

The Slider, Gallery, and Carousel by MetaSlider WordPress plugin before 3.27.9 does not sanitise and escape some of its Gallery Image parameters, which could allow high privilege users such as admin to perform Stored Cross-Site Scripting attacks even when the unfilteredhtml capability is disallow...

4.8CVSS5.6AI score0.0047EPSS
Exploits2References1
CVE
CVE
added 2025/03/24 6:0 a.m.51 views

CVE-2025-1062

CVE-2025-1062 affects the WordPress plugin “Slider, Gallery, and Carousel by MetaSlider” pre-3.95.0. The exposure comes from unsanitized/uncleaned and unescaped settings, enabling Stored XSS by high-privilege users (e.g., admins) even when unfiltered_html is disallowed, such as in multisite setup...

3.5CVSS5.8AI score0.00247EPSS
Exploits1References1Affected Software1
NVD
NVD
added 2025/02/22 4:15 p.m.7 views

CVE-2025-26763

Deserialization of Untrusted Data vulnerability in MetaSlider Responsive Slider by MetaSlider ml-slider allows Object Injection.This issue affects Responsive Slider by MetaSlider: from n/a through = 3.94.0...

9.8CVSS0.00604EPSS
Exploits0References1
Rows per page
Query Builder