WordPress Slider Future <= 1.0.5 - Unauthenticated Arbitrary File Upload

Slider Future WordPress plugin = 1.0.5 contains an unrestricted file upload vulnerability caused by missing file type validation in 'sliderfuturehandleimageupload', letting unauthenticated attackers upload arbitrary files, exploit requires no authentication. id: CVE-2026-1405 info: name: WordPres...

VulnCheck KEV: CVE-2026-1405

The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'sliderfuturehandleimageupload' function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

WordPress Slider‑Future 1.0.5 Exposure Scanner

This Metasploit auxiliary module is designed to detect exposure of the WordPress Slider‑Future plugin REST endpoint at /wp-json/slider-future/v1/upload-image/. The module performs a non-intrusive HTTP request OPTIONS method to determine whether the endpoint is accessible. It does not upload files...

📄 WordPress Slider‑Future 1.0.5 Arbitrary File Upload

This is a Metasploit module that demonstrates an unauthenticated file upload vulnerability in WordPress Slider‑Future plugin version 1.0.5. ============================================================================================================================================= | Title :...

Exploit for CVE-2026-1405

CVE-2026-1405 Slider Future = 1.0.5 - Unauthenticated Arbi...

CVE-2026-1405

The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'sliderfuturehandleimageupload' function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

WordPress Slider Future plugin <= 1.0.5 - Unauthenticated Arbitrary File Upload vulnerability

Unauthenticated Arbitrary File Upload vulnerability discovered by ZAST.AI - ZAST.AI in WordPress Plugin Slider Future versions = 1.0.5...

CVE-2026-1405

The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'sliderfuturehandleimageupload' function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

CVE-2026-1405 Slider Future <= 1.0.5 - Unauthenticated Arbitrary File Upload

The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'sliderfuturehandleimageupload' function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

CVE-2026-1405 Slider Future <= 1.0.5 - Unauthenticated Arbitrary File Upload

The Slider Future plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'sliderfuturehandleimageupload' function in all versions up to, and including, 1.0.5. This makes it possible for unauthenticated attackers to upload arbitrary files on the...

CVE-2026-1405

WordPress Slider Future plugin (versions ≤ 1.0.5) is vulnerable to an Unauthenticated Arbitrary File Upload due to missing file type validation in slider_future_handle_image_upload. This allows unauthenticated attackers to upload arbitrary files to the server, with potential for remote code execu...

WordPress plugin Slider Future 代码问题漏洞

WordPress and WordPress plugins are both products of the WordPress Foundation. WordPress is a blog platform developed using the PHP language. This platform allows for the creation of personal blog websites on servers based on PHP and MySQL. A WordPress plugin is an application that can be install...